Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997_NeikiAnalytics.exe
-
Size
1.9MB
-
Sample
240628-jz4d4aygmg
-
MD5
803bda58e66ff4f926f9badbde1f89a0
-
SHA1
66c9ce9e3474a99906114bc5d89a9136604d21ef
-
SHA256
8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997
-
SHA512
3379ab069fcf6b2b418b452efff76f2ca8e2a809184be88c85ba2a841865b77204388ba18980e4279941ac6129892974402b5ca5021665ac3bbf674bba21dd5e
-
SSDEEP
49152:VjRLmDGUcdUeirEy3+l7ZqTgcFrpXm48CEXLyYtlQyCg:RRLTUKarEy3GZqTgerVH85XOkL7
Malware Config
Targets
-
-
Target
8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997_NeikiAnalytics.exe
-
Size
1.9MB
-
MD5
803bda58e66ff4f926f9badbde1f89a0
-
SHA1
66c9ce9e3474a99906114bc5d89a9136604d21ef
-
SHA256
8e07527f27c35b67b0c5673ebc79a9295a4f2eb902bddbca3eff03b092ca5997
-
SHA512
3379ab069fcf6b2b418b452efff76f2ca8e2a809184be88c85ba2a841865b77204388ba18980e4279941ac6129892974402b5ca5021665ac3bbf674bba21dd5e
-
SSDEEP
49152:VjRLmDGUcdUeirEy3+l7ZqTgcFrpXm48CEXLyYtlQyCg:RRLTUKarEy3GZqTgerVH85XOkL7
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-