General

  • Target

    e8b2d328bb6cc3f37cf13c74428de960_NeikiAnalytics.exe

  • Size

    904KB

  • Sample

    240517-l7pxsadd99

  • MD5

    e8b2d328bb6cc3f37cf13c74428de960

  • SHA1

    8037d0f3a63d0b8d53d107a691d7643a7107de84

  • SHA256

    607aea4a37d9249900c473ffb13d16eb688b95c10ca2ab9cd192c729fe0488d1

  • SHA512

    253af489077e73777c1bb878d230c0f8e558f4e644c347d7c9efeb309e54f68a8cf99684875c1b209dd056319122ce51bbf5b580056b1e936fba5aafb9f68731

  • SSDEEP

    12288:9n8yN0Mr8ti6aVArIygU40vy3W/ceKSHMsiFyY6XNm0FrSNPUZ6RwQv:FPutiz0fDjymk4HM5yJmaiP0Qv

Targets

    • Target

      e8b2d328bb6cc3f37cf13c74428de960_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
