General

  • Target

    0591e902871572f082d993695ecac470_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240526-1rh7maeb83

  • MD5

    0591e902871572f082d993695ecac470

  • SHA1

    a10f26262c9f693994eb1acf18922464ae823b76

  • SHA256

    8a7a8c518cb2a54a30dd01a88e0ef7adb92144ec3e968bdd961895443d1c16ef

  • SHA512

    423fc323d851f5a615faa28afae42b976b73aba16df564e528b69b225ba6689ea557a6ed59b6f0668460afbd183e7680e1e0d4ad91b7cbf946b538672474e3a7

  • SSDEEP

    384:hL7li/2zMq2DcEQvdhcJKLTp/NK9xaWV:BIM/Q9cWV

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
