Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    889b9fba3c2d2a5f94b715d954cddc00_NeikiAnalytics.exe

  • Size

    1.3MB

  • Sample

    240613-1cr6zs1aqd

  • MD5

    889b9fba3c2d2a5f94b715d954cddc00

  • SHA1

    6869357d62dc40fe0cf724940394fb145eb705d3

  • SHA256

    b3e0c3f52003b2dd2b7a9423b486e11018f475ac3238885615732ed34ace137b

  • SHA512

    7f07bda043d7bf8c98affafd216cfbacd99c29b76a8f8bf3f7b7d1144c04e3cc3226ca512dc21c920c00b30748c61a6d5f2884babcb6d21084bfd178ce49a18f

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+5s:ROdWCCi7/raZ5aIwC+Agr6SNasr5s

Malware Config

Targets

    • Target

      889b9fba3c2d2a5f94b715d954cddc00_NeikiAnalytics.exe

    • Size

      1.3MB

    • MD5

      889b9fba3c2d2a5f94b715d954cddc00

    • SHA1

      6869357d62dc40fe0cf724940394fb145eb705d3

    • SHA256

      b3e0c3f52003b2dd2b7a9423b486e11018f475ac3238885615732ed34ace137b

    • SHA512

      7f07bda043d7bf8c98affafd216cfbacd99c29b76a8f8bf3f7b7d1144c04e3cc3226ca512dc21c920c00b30748c61a6d5f2884babcb6d21084bfd178ce49a18f

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+5s:ROdWCCi7/raZ5aIwC+Agr6SNasr5s

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks