Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6bc8afff4cb223fe4d727e318a6a6120_NeikiAnalytics.exe
-
Size
172KB
-
Sample
240607-ts426abh84
-
MD5
6bc8afff4cb223fe4d727e318a6a6120
-
SHA1
726a563884d3487610233eecc145f4527be36456
-
SHA256
809ecee1b45f982995eb1f2bd909b7c8e1e8d239fbc48bde760cdd9682ca179d
-
SHA512
af3ccae5a000270ad3f3ba3a701f7d11fbce247da51b1c687fc8e94f2dae547d6621a37bba2739c328d896d40e96bb91bcfa9c002d19ce11d722fbd5a5b45a69
-
SSDEEP
3072:oGqIGRpTa9p1om9PW/pqqsFUCN3R9MI+IrJAdmjVSZ6qmBAWddvCgDYWikuVQApS:oGHGRpO9p1om9+xs3NBBradm50muWDvx
Malware Config
Targets
-
-
Target
6bc8afff4cb223fe4d727e318a6a6120_NeikiAnalytics.exe
-
Size
172KB
-
MD5
6bc8afff4cb223fe4d727e318a6a6120
-
SHA1
726a563884d3487610233eecc145f4527be36456
-
SHA256
809ecee1b45f982995eb1f2bd909b7c8e1e8d239fbc48bde760cdd9682ca179d
-
SHA512
af3ccae5a000270ad3f3ba3a701f7d11fbce247da51b1c687fc8e94f2dae547d6621a37bba2739c328d896d40e96bb91bcfa9c002d19ce11d722fbd5a5b45a69
-
SSDEEP
3072:oGqIGRpTa9p1om9PW/pqqsFUCN3R9MI+IrJAdmjVSZ6qmBAWddvCgDYWikuVQApS:oGHGRpO9p1om9+xs3NBBradm50muWDvx
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-