General

  • Target

    6bc8afff4cb223fe4d727e318a6a6120_NeikiAnalytics.exe

  • Size

    172KB

  • Sample

    240607-ts426abh84

  • MD5

    6bc8afff4cb223fe4d727e318a6a6120

  • SHA1

    726a563884d3487610233eecc145f4527be36456

  • SHA256

    809ecee1b45f982995eb1f2bd909b7c8e1e8d239fbc48bde760cdd9682ca179d

  • SHA512

    af3ccae5a000270ad3f3ba3a701f7d11fbce247da51b1c687fc8e94f2dae547d6621a37bba2739c328d896d40e96bb91bcfa9c002d19ce11d722fbd5a5b45a69

  • SSDEEP

    3072:oGqIGRpTa9p1om9PW/pqqsFUCN3R9MI+IrJAdmjVSZ6qmBAWddvCgDYWikuVQApS:oGHGRpO9p1om9+xs3NBBradm50muWDvx

Targets

    • Target

      6bc8afff4cb223fe4d727e318a6a6120_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
