General

  • Target

    dac28b544a582c4ef948558f94baa2c0_NeikiAnalytics

  • Size

    373KB

  • Sample

    240516-mktg5agc6v

  • MD5

    dac28b544a582c4ef948558f94baa2c0

  • SHA1

    e682c71f5a889ad42a5f68142675a18c535a7f74

  • SHA256

    8ae741dc69f899e5c2d1217d5e3cdfd11773d66e5cdcdca7343dabee6d979cba

  • SHA512

    335ab4f75b2e787c0ba5e928a105d86449625f5ea76fedf1e93d6f6e3ef051f68bbd7f0ea772c87b2318b8af777d46dc202dd2786e3f83c3934742b411644a03

  • SSDEEP

    6144:xjluQoSqIo5R4nM/40yJN6N9U46KulDAg6c15g7xqVi/qOT8gbs3cJsnREnYdaO:xEQoS+qhLDMsqFvGKsndd

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks