Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
965c9c69c9ce663720a4e801adf2fb50ceb7c116060d651708408976706ef587_NeikiAnalytics.exe
-
Size
1.9MB
-
Sample
240628-nynz8sxgmg
-
MD5
2c1d966ae5e47846144ade43bb958b90
-
SHA1
99dfe406e5e35d65fddcdf8349ec210bc9903474
-
SHA256
965c9c69c9ce663720a4e801adf2fb50ceb7c116060d651708408976706ef587
-
SHA512
1c8b5aee5a5e7e51d2ece5007a6a4d71c24e14277b10a1e09ddd687ef7914433f9476efbf353aeb34a2f9854a730663e35ff0e574c50b06f1244285c5de433ad
-
SSDEEP
49152:V8630tUDih4DC/ILo/2MlfDEC10OO8sHdpeNirYD3F4DM94boPk:m1OsAoOaEC1VgdpeFyM94bIk
Malware Config
Targets
-
-
Target
965c9c69c9ce663720a4e801adf2fb50ceb7c116060d651708408976706ef587_NeikiAnalytics.exe
-
Size
1.9MB
-
MD5
2c1d966ae5e47846144ade43bb958b90
-
SHA1
99dfe406e5e35d65fddcdf8349ec210bc9903474
-
SHA256
965c9c69c9ce663720a4e801adf2fb50ceb7c116060d651708408976706ef587
-
SHA512
1c8b5aee5a5e7e51d2ece5007a6a4d71c24e14277b10a1e09ddd687ef7914433f9476efbf353aeb34a2f9854a730663e35ff0e574c50b06f1244285c5de433ad
-
SSDEEP
49152:V8630tUDih4DC/ILo/2MlfDEC10OO8sHdpeNirYD3F4DM94boPk:m1OsAoOaEC1VgdpeFyM94bIk
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-