Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    8e30a8db8d13695782510a9dc3392ab0_NeikiAnalytics

  • Size

    1.5MB

  • Sample

    240516-d42heaaf65

  • MD5

    8e30a8db8d13695782510a9dc3392ab0

  • SHA1

    4009b7a927d65ac35b359a54ae93c7d60fc42003

  • SHA256

    901e085db9c8b300a805daa7b42658f32a399c461c1326f6452f2d194f5a5ad5

  • SHA512

    d52726ba05b035ab19431ab9f7ebc045c0458437fb812f46c5273977aece37b49548b1ddde4a59cfa93759181c4f15f1eaf5464a448b75c3b5e785cb4f45707e

  • SSDEEP

    49152:VOhVxJqZ/XmEp/8bI6UEHrEM0rVnf/z6drV7D:QhVXqhWKk8+HoM0r13OdBD

Malware Config

Targets

    • Target

      8e30a8db8d13695782510a9dc3392ab0_NeikiAnalytics

    • Size

      1.5MB

    • MD5

      8e30a8db8d13695782510a9dc3392ab0

    • SHA1

      4009b7a927d65ac35b359a54ae93c7d60fc42003

    • SHA256

      901e085db9c8b300a805daa7b42658f32a399c461c1326f6452f2d194f5a5ad5

    • SHA512

      d52726ba05b035ab19431ab9f7ebc045c0458437fb812f46c5273977aece37b49548b1ddde4a59cfa93759181c4f15f1eaf5464a448b75c3b5e785cb4f45707e

    • SSDEEP

      49152:VOhVxJqZ/XmEp/8bI6UEHrEM0rVnf/z6drV7D:QhVXqhWKk8+HoM0r13OdBD

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks