General

  • Target

    656d24cca6190b419de97393d257fa80_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240530-fk2eeagd69

  • MD5

    656d24cca6190b419de97393d257fa80

  • SHA1

    88ddc929922dee50d8e11132279af714a9fee19c

  • SHA256

    941af33c8bf3ba6329d76308a2574f202d2ed02564935e0c16c9fb739502180c

  • SHA512

    34a3e5a6240753b0ee42330f0969541d069c6ec32af2253ce69008a57539798487d18995dcfc64037ae89b0676e8121f0e749a826fc93573d46a18ef757bde64

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bSqz8b6LNX:sxX7QnxrloE5dpUpObVz8eLF

Targets

    • Target

      656d24cca6190b419de97393d257fa80_NeikiAnalytics.exe

    • Size

      3.0MB

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
