General

  • Target

    9522536e8f2a4a117b00ad1c7b017030_NeikiAnalytics

  • Size

    1.7MB

  • Sample

    240515-g4ekescg6v

  • MD5

    9522536e8f2a4a117b00ad1c7b017030

  • SHA1

    3df5ed63528c870dfcd46d4ffbe8bc03bfae441d

  • SHA256

    8800152b09df79fc7a3b2dabee09981f583a6ea1463973c1463b56eb3e42154b

  • SHA512

    a33cb03d5417549db845628f5aa4a2829599ea6f9dbe1cc2ca27cd87f82349b264deb0760bdb93b9f9e52cda9b8a82197ca364228a1678bb39154414f5722150

  • SSDEEP

    24576:ScgSHuZfMnEcr3bX+3ObwMuII4vHD2feyj0j4X1yJOc8Ps7useI6IEtpMWcD7ZBk:GIIfhcb7LwM/afquso53IEXMnD7Zy

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks