General

  • Target

    2bb14f045f6f8c74bdb120b3f72b4540_NeikiAnalytics.exe

  • Size

    790KB

  • Sample

    240528-bxk6qshg2z

  • MD5

    2bb14f045f6f8c74bdb120b3f72b4540

  • SHA1

    18cf95e34c48ff472ea1d6379e2c40ec05b7707d

  • SHA256

    2db89f67edc88eb7c6bac5dd6c9aadab090ef609ff728ac6d51e6c761b3d6aae

  • SHA512

    092f62672f92cbd6645474ca656dce107bbaa2789622d311577407f1aa32bd5579e04b446811d611225d6ce4f70d51ad2f70d9434324a7e8a2def2d6d8997eb9

  • SSDEEP

    12288:gxSncrR8TSxAQn1NEWoo6hKvvS3GRIZYQbXjjKbBRQtpxvwSslfTHVrQTBc8/:gxrmS5NEWooVS3NYQjHiRQVswTBcQ

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other data.
