General

  • Target

    17a348c2d084ccba059374abdfc52c90_NeikiAnalytics.exe

  • Size

    41KB

  • Sample

    240517-xf997adc3z

  • MD5

    17a348c2d084ccba059374abdfc52c90

  • SHA1

    fb8908fecec3c27872ff7a5786677dd347544fbb

  • SHA256

    c55a8f486def463f724b25d9d701f25d0fd4d68c8464ccad83f06534005dcf9b

  • SHA512

    290e3212178badf4fe3eb68ce8fe3d07d9966e557b51544e829ae87f52b94ab9ac85482048f254f6b94da68c22ba2485966578fd5399b6b2bb57a3b56c02a23c

  • SSDEEP

    768:EeMc5VwWt1jDkbXdnTOyQxHFO+IxX2P5LIbbcPYir2lAqcdF0i09CyH:Eq5VwWDjDkdTRqHFOn8tIbbeYiuZIFSD

Targets

    • Target

      17a348c2d084ccba059374abdfc52c90_NeikiAnalytics.exe

    • Drops file in Drivers directory

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
