General

  • Target

    d43ea1f0b4bf5436852c21efbbee2000_NeikiAnalytics

  • Size

    1.6MB

  • Sample

    240515-qr9pgabf3s

  • MD5

    d43ea1f0b4bf5436852c21efbbee2000

  • SHA1

    a1fca51de2aa0da6646990209bda1fef2051a22c

  • SHA256

    6bf5067687c8400f14e0da62c3eef51c8d7655b84f4ebcccb082155c62ba11e9

  • SHA512

    dda9c7763ec29055ba98f288fe5ff92225b8207968c1cb230e1e3b7ff956107baaa16bdd01757810175926bca88cea02e39b3b0d35e4a93a858aa10d2a82ecb5

  • SSDEEP

    24576:VP8fvZh80df25dVyX+5549EmwiQIIt6uNks+Cx+TpHib77bJCLdGpkKGE2JsqcO:CfvD45d3U9E8zItjNk/T9qba0p1J/O

Malware Config

Targets

    • Target

      d43ea1f0b4bf5436852c21efbbee2000_NeikiAnalytics

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence (skip or change behaviour in certain countries).

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer.

    • Adds Run key to start application

      Writes a value under a Software\Microsoft\Windows\CurrentVersion\Run key so the program is launched again at logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the Windows System32 directory, a location that normally only installers and OS components write to.
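
The behaviour signatures above are each a pattern over sandbox API events (registry reads and writes, file opens, directory listings). The following is an added example, not tria.ge's own rule engine, that re-implements the five behavioural signatures listed for this target as path-and-operation rules and runs them over a constructed event trace. The registry paths (HKCU\Control Panel\International\Geo\Nation for the country check), the browser profile file names, the event field names and the ATT&CK technique IDs are my assumptions and are not taken from this report.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    """One sandbox-style API event (field layout is assumed for this example)."""
    op: str            # RegQueryValue, RegSetValue, CreateFile, QueryDirectory
    path: str          # registry key\value or file path as a sandbox would log it
    access: str = ""   # "read" / "write" for file events, "" when not relevant


@dataclass(frozen=True)
class Rule:
    """A behaviour signature: watched ops, path pattern, required access, optional ATT&CK ID."""
    name: str
    ops: frozenset
    pattern: re.Pattern
    access: str = ""       # "" means any access type
    technique: str = ""    # ATT&CK technique ID where I consider the mapping unambiguous


RULES = [
    # Country code lookup: geofencing malware reads the configured locale/GeoID before acting.
    Rule("Checks computer location settings", frozenset({"RegQueryValue"}),
         re.compile(r"\\Control Panel\\International\\(Geo\\Nation|Locale|sCountry)$", re.I),
         technique="T1614"),
    # Chromium and Firefox profile databases that hold credentials, cookies and autofill data.
    Rule("Reads user/profile data of web browsers", frozenset({"CreateFile"}),
         re.compile(r"\\(Google\\Chrome|Microsoft\\Edge)\\User Data\\.+\\(Login Data|Cookies|Web Data)$"
                    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I),
         access="read", technique="T1555.003"),
    # Only a *write* under Run/RunOnce is persistence; reading the key is what many benign tools do.
    Rule("Adds Run key to start application", frozenset({"RegSetValue"}),
         re.compile(r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I),
         technique="T1547.001"),
    # Root of any drive letter other than the system drive C:.
    Rule("Enumerates connected drives", frozenset({"CreateFile", "QueryDirectory"}),
         re.compile(r"^[A-BD-Z]:\\\*?$", re.I)),
    # A file created directly in System32 (subdirectories and read-only opens do not count).
    Rule("Drops file in System32 directory", frozenset({"CreateFile"}),
         re.compile(r"^C:\\Windows\\System32\\[^\\]+$", re.I), access="write"),
]


def match_signatures(events):
    """Return {signature name: {"technique": ..., "evidence": [paths]}} for every rule that fired."""
    hits = {}
    for ev in events:
        for rule in RULES:
            if ev.op not in rule.ops:
                continue
            if rule.access and ev.access != rule.access:
                continue
            if rule.pattern.search(ev.path):
                entry = hits.setdefault(rule.name, {"technique": rule.technique, "evidence": []})
                entry["evidence"].append(ev.path)
    return hits


def sample_events():
    """Constructed trace modelled on this report's signatures; not the sandbox's real log."""
    return [
        Event("RegQueryValue", r"HKCU\Control Panel\International\Geo\Nation"),
        Event("CreateFile", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data", "read"),
        Event("CreateFile", r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default\logins.json", "read"),
        Event("RegSetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\WindowsUpdate"),
        Event("QueryDirectory", "D:\\"),
        Event("QueryDirectory", "E:\\"),
        Event("CreateFile", r"C:\Windows\System32\wupdmgr.exe", "write"),
        # Decoys that resemble the above but must not fire:
        Event("RegQueryValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive"),  # read, not write
        Event("QueryDirectory", "C:\\"),                                                    # system drive
        Event("CreateFile", r"C:\Windows\System32\kernel32.dll", "read"),                     # DLL load
        Event("CreateFile", r"C:\Windows\System32\drivers\etc\hosts", "read"),                # subdirectory
    ]


if __name__ == "__main__":
    for name, hit in match_signatures(sample_events()).items():
        print(f"{name} [{hit['technique'] or 'unmapped'}]")
        for path in hit["evidence"]:
            print(f"    {path}")
```

The decoy events are the point of the access and op filters: reading the Run key, listing C:\ or loading a DLL from System32 are everyday benign actions, and a rule that ignored the distinction would fire on nearly every process.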

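The "UPX packed file" signature is a static check, so it can be reproduced without a sandbox. The following is an added example, not tria.ge's detector, that walks the PE section table and reports three independent indicators: the stock UPX section names, the "UPX!" pack-header magic, and a layout heuristic (first section virtual-only, next section holding high-entropy data) that still fires when a modified UPX build has renamed the sections and removed the magic. The minimal PE images it checks are constructed in the block itself; to check the real sample you would read the file matching the SHA256 above, which this page does not provide. The section-name set, the entropy threshold and the layout heuristic are my assumptions.

```python
import math
import struct
from dataclasses import dataclass

# Section names the stock UPX packer emits for PE files; a modified build can rename them.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".UPX0", ".UPX1", ".UPX2"}
UPX_MAGIC = b"UPX!"   # pack-header magic written by stock UPX; frequently stripped in modified builds


@dataclass
class Section:
    name: str
    virtual_size: int
    raw_size: int
    raw_offset: int
    entropy: float


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for empty data, 8.0 for a uniform byte distribution."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> list:
    """Walk MZ header -> PE signature -> COFF header -> section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", pe, coff + 2)
    (opt_size,) = struct.unpack_from("<H", pe, coff + 16)   # SizeOfOptionalHeader
    table = coff + 20 + opt_size
    sections = []
    for i in range(num_sections):
        off = table + i * 40                                  # IMAGE_SECTION_HEADER is 40 bytes
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, _vaddr, rsize, roff = struct.unpack_from("<IIII", pe, off + 8)
        raw = pe[roff:roff + rsize] if rsize else b""
        sections.append(Section(name, vsize, rsize, roff, shannon_entropy(raw)))
    return sections


def upx_indicators(pe: bytes) -> dict:
    """Three independent UPX indicators plus a combined verdict."""
    sections = parse_sections(pe)
    names = [s.name for s in sections]
    by_name = any(n in UPX_SECTION_NAMES for n in names)
    by_magic = UPX_MAGIC in pe
    # Layout heuristic that survives renaming: the first section is virtual-only (the unpack
    # destination, SizeOfRawData == 0) and the next one holds dense compressed data (assumed threshold 7.0).
    by_layout = (len(sections) >= 2 and sections[0].raw_size == 0
                 and sections[0].virtual_size > 0 and sections[1].entropy > 7.0)
    return {"sections": names, "upx_section_names": by_name, "upx_magic": by_magic,
            "packer_layout": by_layout, "likely_upx": by_name or by_magic or by_layout}


def build_pe(sections, marker=b"") -> bytes:
    """Assemble a minimal PE32 image from (name, raw_bytes | None) pairs; a test fixture, not a real binary."""
    e_lfanew, opt_size = 0x40, 0xE0
    table_end = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    data_start = (table_end + len(marker) + 0x1FF) & ~0x1FF         # raw data on a 512-byte boundary
    img = bytearray(b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew))
    img += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    img += b"\0" * opt_size        # optional header contents are irrelevant to section parsing
    blobs, raw_off, vaddr = b"", data_start, 0x1000
    for name, raw in sections:
        rsize = len(raw) if raw else 0
        img += name.ljust(8, b"\0")[:8] + struct.pack(
            "<IIIIIIHHI", max(rsize, 0x1000), vaddr, rsize, raw_off if raw else 0, 0, 0, 0, 0, 0x60000020)
        blobs += raw or b""
        raw_off += rsize
        vaddr += 0x1000
    img += marker + b"\0" * (data_start - len(img) - len(marker))
    return bytes(img) + blobs


DENSE = bytes(range(256)) * 16          # stand-in for compressed data: entropy exactly 8.0
SPARSE = b"\x90" * 0x400 + b"\xC3"      # NOP sled plus ret: near-zero entropy


def demo_samples() -> dict:
    """Constructed images: stock UPX layout, a renamed/stripped 'modified UPX' layout, and a plain file."""
    return {
        "stock_upx": build_pe([(b"UPX0", None), (b"UPX1", DENSE), (b".rsrc", SPARSE)], marker=UPX_MAGIC),
        "renamed_upx": build_pe([(b".text", None), (b".data", DENSE)]),
        "plain": build_pe([(b".text", SPARSE), (b".data", b"A" * 64)]),
    }


if __name__ == "__main__":
    for label, image in demo_samples().items():
        print(label, upx_indicators(image))
```

On a real file, treat the layout heuristic as the one worth trusting: section names and the magic are trivially patched out, which is exactly what "modified UPX" in the signature text means, whereas a virtual-only first section followed by a dense blob is inherent to how the stub decompresses in place.
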
MITRE ATT&CK Enterprise v15

Tasks