General

  • Target

    79282650946aa061feda7bb4f0ca2870_NeikiAnalytics.exe

  • Size

    3.9MB

  • Sample

    240602-2mg97sag89

  • MD5

    79282650946aa061feda7bb4f0ca2870

  • SHA1

    9b08233ee7c898a0a247c5cb379cb06cf660d597

  • SHA256

    0f71cd9425616efad6c00696769ad12080cf491daf00bb79811e2bee8c1bbe15

  • SHA512

    7f92abff390cb1d0462cc9e4a9cd5004f91108fa7e76a06478ec3e285d070520f329ccc9315cf19b3baa1f47185be74dfddb986f788dee64f2d2887e25575d3f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBbB/bSqz8:sxX7QnxrloE5dpUpYbVz8

Targets

    • Target

      79282650946aa061feda7bb4f0ca2870_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
