General

  • Target

    28bbf812878661f90ccbda967e5a3010_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240602-dblaqagd3x

  • MD5

    28bbf812878661f90ccbda967e5a3010

  • SHA1

    c462ad377cc3167688f02d48442d19732d2c3b3f

  • SHA256

    d276d9f389dafb93af016e1bb14a78c1ab84283c58a8eb92f7d8e82ccc7c8d20

  • SHA512

    dce6ee65fdbe8e921a2b0ecafe3545be53eb153b1992c09de6757444e17e128aa0373674f6441e998b32055dff96c6abe5ec236e40ad8e4e08134a4665ec681e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBWB/bSqz8b6LNX:sxX7QnxrloE5dpUp5bVz8eLF

Targets

    • Target

      28bbf812878661f90ccbda967e5a3010_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
