Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
490d9f673ed03a0796cccd373717a6b0a0d26155d7d7005f5179f03e7863f156_NeikiAnalytics.exe
-
Size
1.4MB
-
Sample
240625-kl64hasepn
-
MD5
8af00c79c5fbd11d9cb3ed0264c43610
-
SHA1
c5bd7f5e695946dcad1747469881c328180b0374
-
SHA256
490d9f673ed03a0796cccd373717a6b0a0d26155d7d7005f5179f03e7863f156
-
SHA512
f36449c7bcf3b6e6e5db5a3caea5e71b01f2210b0397016dd436aeb15bb182fae70efeac664bf72fc2a492e3b3a9412e61509ae82382a3b739249a529f364969
-
SSDEEP
24576:2wVX7kwr8SMMy5BhSUgJEXzQL6v3B8AEwZd44JsGPSElKt3pHVqPC4:hVX7kwrjyzhSUg+XzQLO3BJEzuLXMt36
Malware Config
Targets
-
-
Target
490d9f673ed03a0796cccd373717a6b0a0d26155d7d7005f5179f03e7863f156_NeikiAnalytics.exe
-
Size
1.4MB
-
MD5
8af00c79c5fbd11d9cb3ed0264c43610
-
SHA1
c5bd7f5e695946dcad1747469881c328180b0374
-
SHA256
490d9f673ed03a0796cccd373717a6b0a0d26155d7d7005f5179f03e7863f156
-
SHA512
f36449c7bcf3b6e6e5db5a3caea5e71b01f2210b0397016dd436aeb15bb182fae70efeac664bf72fc2a492e3b3a9412e61509ae82382a3b739249a529f364969
-
SSDEEP
24576:2wVX7kwr8SMMy5BhSUgJEXzQL6v3B8AEwZd44JsGPSElKt3pHVqPC4:hVX7kwrjyzhSUg+XzQLO3BJEzuLXMt36
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-