Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3c8d33419b188a3b0c904efe5acdb8dfb3f45ad82e59cbb0f86a478671054a73_NeikiAnalytics.exe
-
Size
1.9MB
-
Sample
240625-hjsrzsycrp
-
MD5
195a5ce451e07889730aa5ed64a5d030
-
SHA1
e21ee756c39f47a3ae3445746ad347dcf09d4fcb
-
SHA256
3c8d33419b188a3b0c904efe5acdb8dfb3f45ad82e59cbb0f86a478671054a73
-
SHA512
636edad0a1c989f2dbdb6008d6e631dcf3d96aafc39aa202c33f3934afaaacff3ad765fb2aeae8b700c2ed740840b90400374e520e39e3250a001e86408b7625
-
SSDEEP
49152:hIfp89ejJVw9lfuILYotLDqKzPV7vVPY6+z57EIUCUDd4UyD5wr:ufCcjJFr6t75g7up40
Malware Config
Targets
-
-
Target
3c8d33419b188a3b0c904efe5acdb8dfb3f45ad82e59cbb0f86a478671054a73_NeikiAnalytics.exe
-
Size
1.9MB
-
MD5
195a5ce451e07889730aa5ed64a5d030
-
SHA1
e21ee756c39f47a3ae3445746ad347dcf09d4fcb
-
SHA256
3c8d33419b188a3b0c904efe5acdb8dfb3f45ad82e59cbb0f86a478671054a73
-
SHA512
636edad0a1c989f2dbdb6008d6e631dcf3d96aafc39aa202c33f3934afaaacff3ad765fb2aeae8b700c2ed740840b90400374e520e39e3250a001e86408b7625
-
SSDEEP
49152:hIfp89ejJVw9lfuILYotLDqKzPV7vVPY6+z57EIUCUDd4UyD5wr:ufCcjJFr6t75g7up40
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-