Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a1b8c5020d57a36014473fddf2cab0f305e90195a5fbcf1b29bdfb5d584c1589_NeikiAnalytics.exe

  • Size

    3.6MB

  • Sample

    240628-vdpvcsxanh

  • MD5

    c99a41aad6eea5c335b3aca6f2043bd0

  • SHA1

    adc73cdd61b451224c539816ac3fc6c83a948234

  • SHA256

    a1b8c5020d57a36014473fddf2cab0f305e90195a5fbcf1b29bdfb5d584c1589

  • SHA512

    ef5e853d715c53dc9a4f40597c40bbc20bc81d71ec2b778afb56b67a244274a0f2d7821dd4dd5a16016e2ae6361a4055100032a80d7b28410cf7ee7e529580af

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBEB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp/bVz8eLFcz

Malware Config

Targets

    • Target

      a1b8c5020d57a36014473fddf2cab0f305e90195a5fbcf1b29bdfb5d584c1589_NeikiAnalytics.exe

    • Size

      3.6MB

    • MD5

      c99a41aad6eea5c335b3aca6f2043bd0

    • SHA1

      adc73cdd61b451224c539816ac3fc6c83a948234

    • SHA256

      a1b8c5020d57a36014473fddf2cab0f305e90195a5fbcf1b29bdfb5d584c1589

    • SHA512

      ef5e853d715c53dc9a4f40597c40bbc20bc81d71ec2b778afb56b67a244274a0f2d7821dd4dd5a16016e2ae6361a4055100032a80d7b28410cf7ee7e529580af

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBEB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp/bVz8eLFcz

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks