General
-
Target
4c312c136c3d3630e6a7819073151abe2bec245e293fa02c864d455a8c5362f4_NeikiAnalytics.exe
-
Size
2.6MB
-
Sample
240628-atmpqatcpr
-
MD5
cd5e3e4dae1c6a68f46963b0feb76770
-
SHA1
d2bac6409ec52448379093ba990f4edde2624eb7
-
SHA256
4c312c136c3d3630e6a7819073151abe2bec245e293fa02c864d455a8c5362f4
-
SHA512
b5c9596501801e896d6a49e8f65d0ecc5a721bfc4e5530d468560a9112c0623175012b7acfe18594fe8d0a647e2b89a9c20380305f14a78f2d824a329cff121e
-
SSDEEP
12288:qCMYGmkOqYYf01bInqzHWI9WFEeapp3TXn8YoWSXLGzEoqAb8/DjUHhsAennZ5/I:qCmIYSbEDJUrTDw6aZWjvFtta8BuOh
Behavioral task
behavioral1
Sample
4c312c136c3d3630e6a7819073151abe2bec245e293fa02c864d455a8c5362f4_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4c312c136c3d3630e6a7819073151abe2bec245e293fa02c864d455a8c5362f4_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
4c312c136c3d3630e6a7819073151abe2bec245e293fa02c864d455a8c5362f4_NeikiAnalytics.exe
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-