Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240628-jz4d4aygmg

  • MD5

    803bda58e66ff4f926f9badbde1f89a0

  • SHA1

    66c9ce9e3474a99906114bc5d89a9136604d21ef

  • SHA256

    8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997

  • SHA512

    3379ab069fcf6b2b418b452efff76f2ca8e2a809184be88c85ba2a841865b77204388ba18980e4279941ac6129892974402b5ca5021665ac3bbf674bba21dd5e

  • SSDEEP

    49152:VjRLmDGUcdUeirEy3+l7ZqTgcFrpXm48CEXLyYtlQyCg:RRLTUKarEy3GZqTgerVH85XOkL7

Malware Config

Targets

    • Target

      8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997_NeikiAnalytics.exe

    • Size

      1.9MB

    • MD5

      803bda58e66ff4f926f9badbde1f89a0

    • SHA1

      66c9ce9e3474a99906114bc5d89a9136604d21ef

    • SHA256

      8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997

    • SHA512

      3379ab069fcf6b2b418b452efff76f2ca8e2a809184be88c85ba2a841865b77204388ba18980e4279941ac6129892974402b5ca5021665ac3bbf674bba21dd5e

    • SSDEEP

      49152:VjRLmDGUcdUeirEy3+l7ZqTgcFrpXm48CEXLyYtlQyCg:RRLTUKarEy3GZqTgerVH85XOkL7

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks