General

  • Target

    9987357d56165f70d770956036f866820d519501df699cd8f4ca9e5973bfdd8e_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240628-qfjzns1dne

  • MD5

    6011884027c7190e27d8394a06de6ab0

  • SHA1

    4bf3aa2fe0d732e0de1e484baf5c7d28045cc2b7

  • SHA256

    9987357d56165f70d770956036f866820d519501df699cd8f4ca9e5973bfdd8e

  • SHA512

    04b6350cd22974d830c81400cac432b40877c8ffd431ddb15e46af7bf1c39eaad9344370115e6fc8e683970bce8037a448a525e9668203d0e698a36f7ec59c89

  • SSDEEP

    49152:dT17pq/X+p1y+kGd7mpHg0KB4O8b8ITDnl1Zka:dTtpZjy+77O

Targets

    • Target

      9987357d56165f70d770956036f866820d519501df699cd8f4ca9e5973bfdd8e_NeikiAnalytics.exe

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon

    • Drops file in System32 directory
