General

  • Target

    572979902794380c80219877540111fe0710bb2772cfb739e1bfd53c8caddd86_NeikiAnalytics.exe

  • Size

    793KB

  • Sample

    240625-m3x82ayell

  • MD5

    ae450fe9e6bbb1b218a0c08c5b025780

  • SHA1

    fd0bc63b51f54da85abc07b774bc339bf855f303

  • SHA256

    572979902794380c80219877540111fe0710bb2772cfb739e1bfd53c8caddd86

  • SHA512

    ccb035fc654438af5afb4b8a7b6adae39bfbd8278dd60abba41ba4b46e80458a5015857cd42971b532e5daf74fb8989075cd23523cffc2bc5dbd2d3607670344

  • SSDEEP

    12288:A//vi9BrUbY5FjDwP+nlKPB7cCwj0R8TDgkyDZqfbwaL1R0uRFmRhJH:2wrwIDw2n30qTDgka0P1R0uX2LH

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
