General

  • Target

    19362c9092cf3bf6d32fbd9973264f10_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240604-a6ybzsfc8y

  • MD5

    19362c9092cf3bf6d32fbd9973264f10

  • SHA1

    e6185143bd2081220a80498289bb4864e614bfb8

  • SHA256

    770b0b9dc75dad954a5722f698dc3f16a82d06100f97d5fd02cfe4c9b02ffe12

  • SHA512

    fbb6c893971d54e79be857738e70a4d48e8cdf008d32582e262f7c095c5da304f5621168ad178c2fcdb7ec9719e585d99a1a74bcd677e91650b4ef47a277182f

  • SSDEEP

    384:5L7li/2zzeq2DcEQvdQcJKLTp/NK9xaiQ:JaMCQ9ciQ

Score
7/10

Targets

    • Target

      19362c9092cf3bf6d32fbd9973264f10_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
