Resubmissions

28/06/2024, 22:57

240628-2w85aaxelj 7

28/06/2024, 19:29

240628-x7gryssgqj 7

General

  • Target

    0d07c6ae7c1186edd5d5bd6065cf36badfa3f882d3cdcfa5f47282d6a78c778a_NeikiAnalytics.exe

  • Size

    1.1MB

  • Sample

    240628-x7gryssgqj

  • MD5

    6c1132b92eaa64c4a90121cb4283dc60

  • SHA1

    1b1e02699dade52a2cb52de28087dab5c61e91e9

  • SHA256

    0d07c6ae7c1186edd5d5bd6065cf36badfa3f882d3cdcfa5f47282d6a78c778a

  • SHA512

    02214ed8194daedf07d99892965d7aa1e789ff75dea2575017798c61b2e2177daf64195bc76011982ff98019b55440afe68d229cd15ca7e18d15b8855fe37f81

  • SSDEEP

    24576:2w1prCyExwS4Ga7psz2eH1YvpLk8Qi+kWRhydKkQg+Aq5HRqNKRdW7:hT2wdGaIeVm2IydKkQ55HMP

Malware Config

Targets

    • Target

      0d07c6ae7c1186edd5d5bd6065cf36badfa3f882d3cdcfa5f47282d6a78c778a_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
