General

  • Target

    3956e9a0ff2728ee118475d4c9b73490_NeikiAnalytics

  • Size

    1.3MB

  • Sample

    240515-z93hjscg2t

  • MD5

    3956e9a0ff2728ee118475d4c9b73490

  • SHA1

    331f3dc337dd5bd884429f5b8ca2b7a2de614140

  • SHA256

    24cd75450d61db614c1f534ff5ccc09eda8d16a30fc646903177d2047e507cea

  • SHA512

    6021650da5b480d58bbe77fc71ad18e342096421f582eca90a576d2d02fce0fc2bd65dad8463018897693bc3f2eca6dc79b47d5eab2c14f3e868afa6018d872e

  • SSDEEP

    24576:86aUnCrkzd40Vv9vst9TPv6nDT+hZnMbYyQJoAgYFtoC7P5h3:5ari40Vlu9TE65Vg+tBt

Targets

    • Target

      3956e9a0ff2728ee118475d4c9b73490_NeikiAnalytics

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
