General

  • Target

    dfb14938ced66474d65a99d03caf3d20_NeikiAnalytics

  • Size

    1.1MB

  • Sample

    240516-p9t63adh6s

  • MD5

    dfb14938ced66474d65a99d03caf3d20

  • SHA1

    30b205256208bef1fbda4a98ac9a3c9b8b1889dd

  • SHA256

    d564076cc38a895ff9a94a0a8e4b3816bd8ee94092e1ded5603b5f091ab4c0cd

  • SHA512

    6544b9a97dcf847a36abce8f9c6aede4b9d48697a119a1064779ddd00792cf4321db65b1ac01bc11380b81447936eb964036838aff9f8082d1fb70cf513c4f21

  • SSDEEP

    24576:Vry8fStKGc2ppYnQLYUlYc7lD7O6n4Uz9kGUdAYe5Elt0ZKK8Um:hz2B7JYBcZeOmSYesJrr
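Before trusting a report, a practitioner usually recomputes the listed hashes on the file they actually have and runs a cheap static check for the packer the sandbox flagged (the UPX signature further down). The script below is an added example, not tria.ge code: it hashes a byte string, compares it against the MD5/SHA1/SHA256 values printed in this report, and parses the PE section table to look for the UPX0/UPX1 section names that stock UPX leaves behind. The PE image it builds in memory is constructed purely to exercise the parser; it is not the sample from this report and will not match the report hashes.

```python
"""Added example (not tria.ge code): recompute report hashes and check for
UPX section names.  The PE image built below is constructed for the demo
and is not the reported sample."""
import hashlib
import struct

# Hashes copied from the report above.  A downloaded sample should
# reproduce every one of them; a single mismatch means a different file.
REPORT_HASHES = {
    "md5": "dfb14938ced66474d65a99d03caf3d20",
    "sha1": "30b205256208bef1fbda4a98ac9a3c9b8b1889dd",
    "sha256": "d564076cc38a895ff9a94a0a8e4b3816bd8ee94092e1ded5603b5f091ab4c0cd",
}

def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of a byte string, keyed like the report."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}

def matches_report(data: bytes, expected: dict) -> bool:
    """True only if every hash the report lists is reproduced exactly."""
    actual = file_hashes(data)
    return all(actual[k] == v.lower() for k, v in expected.items())

def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the section names with their NUL padding stripped."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # 20-byte COFF file header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size              # section headers follow the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + 40 * i: table + 40 * i + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("latin-1"))
    return names

UPX_SECTIONS = {"UPX0", "UPX1", "UPX2"}

def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX and most light modifications keep the UPX0/UPX1 names.
    A build that renames its sections will not trip this, so treat a hit as
    a strong hint and a miss as inconclusive."""
    return bool(UPX_SECTIONS & set(pe_section_names(data)))

def build_test_pe(section_names) -> bytes:
    """Constructed minimal PE32 image: DOS header, PE signature, COFF header,
    a zeroed optional header and one 40-byte header per section name.  Not
    loadable; just enough structure for the parser above."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 224                            # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + sections

if __name__ == "__main__":
    packed = build_test_pe(["UPX0", "UPX1", ".rsrc"])
    plain = build_test_pe([".text", ".rdata", ".data"])
    print("sections:", pe_section_names(packed), "upx:", looks_upx_packed(packed))
    print("plain image upx:", looks_upx_packed(plain))
    print("test image matches report hashes:", matches_report(packed, REPORT_HASHES))
```

To use it on a real file, read it with `open(path, "rb").read()` and pass the bytes to `matches_report` and `looks_upx_packed`; the SSDEEP value in the report needs the ssdeep library and is not recomputed here.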

Targets

    • Checks computer location settings

      Reads the country code configured in the registry (under HKCU\Control Panel\International), a common geofence check used to avoid running in certain countries.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Adds Run key to start application

      Writes a value under HKCU or HKLM\Software\Microsoft\Windows\CurrentVersion\Run so the program is launched at logon; a common persistence mechanism.
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file under C:\Windows\System32, a location legitimate user software rarely touches.
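The behavioural signatures above are pattern matches over the API calls and targets recorded during the run. The script below is an added example, not tria.ge's signature engine: it re-creates each of the five behavioural signatures as a rule (a set of API names plus a regular expression on the target path or key) and runs them over a constructed trace. The trace, API names and paths are assumptions chosen to exercise every rule; they are not taken from this report.

```python
"""Added example (not tria.ge code): the report's behavioural signatures as
rules over an API-call trace.  The trace is constructed for the demo."""
import re

# Constructed trace records: (api, target).  None are from the reported run.
TRACE = [
    ("RegOpenKeyExW", r"HKEY_CURRENT_USER\Control Panel\International\Geo"),
    ("RegQueryValueExW", r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation"),
    ("NtCreateFile", r"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    ("RegSetValueExW", r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    ("NtQueryDirectoryFile", "C:\\"),      # the default drive does not count
    ("NtQueryDirectoryFile", "D:\\"),
    ("NtQueryDirectoryFile", "E:\\"),
    ("CopyFileW", r"C:\Windows\System32\helper.dll"),   # hypothetical dropped file
    ("NtCreateFile", r"C:\Windows\System32\drivers\etc\hosts"),  # a read, not a drop
    ("NtCreateFile", r"C:\Users\admin\Documents\report.docx"),
]

# signature name -> (APIs that count, pattern the target must match)
RULES = {
    "Checks computer location settings": (
        {"RegOpenKeyExW", "RegQueryValueExW"},
        re.compile(r"\\Control Panel\\International\\Geo(\\Nation)?$", re.I)),
    "Reads user/profile data of web browsers": (
        {"NtCreateFile", "NtOpenFile"},
        re.compile(r"\\(Login Data|Cookies|Web Data|logins\.json|places\.sqlite)$", re.I)),
    "Adds Run key to start application": (
        {"RegSetValueExW", "RegCreateKeyExW"},
        re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)),
    "Enumerates connected drives": (
        {"NtQueryDirectoryFile", "FindFirstFileW", "GetDriveTypeW"},
        re.compile(r"^[A-BD-Z]:\\$", re.I)),          # any drive root except C:
    "Drops file in System32 directory": (
        {"NtWriteFile", "CopyFileW", "MoveFileExW"},   # write-style APIs only
        re.compile(r"^C:\\Windows\\System32\\", re.I)),
}

def match_signatures(trace):
    """Return {signature_name: [matching targets]} for every rule that fired,
    preserving trace order so an analyst can see what triggered each one."""
    hits = {}
    for api, target in trace:
        for name, (apis, pattern) in RULES.items():
            if api in apis and pattern.search(target):
                hits.setdefault(name, []).append(target)
    return hits

if __name__ == "__main__":
    for name, targets in match_signatures(TRACE).items():
        print(name)
        for t in targets:
            print("   ", t)
```

Note the deliberate negatives: enumerating `C:\` and reading `hosts` under System32 fire nothing, because the signatures as worded exclude the default drive and distinguish a write ("drops") from a read.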
