General

  • Target

    1178c6d76ef94bc3542b6c70e18bd0adf3ce14ea0904089acc3211a9b4713266_NeikiAnalytics.exe

  • Size

    757KB

  • Sample

    240628-y75pfsthjl

  • MD5

    ba019bd7d5c10dd965679c05da666d20

  • SHA1

    86d63b412b1846137b2bb9d3e48fadc1be80a60a

  • SHA256

    1178c6d76ef94bc3542b6c70e18bd0adf3ce14ea0904089acc3211a9b4713266

  • SHA512

    cceddc9aba5a494347e190ca2886995cef0633ded4e871d7226b89355bb31ed4f88ecadf55cbdf45101de1490625b90619ecedce59b33de8d2062ba23b75f0ca

  • SSDEEP

    12288:OWji9BjLcCTAp1KqKCgJ8XfoGi6i6wSwpzL1U0QYOLhBngsc/3VE1Fxp7p:CjLcC0psqKCnJZcpzL1U0ROLhBg7+V

Targets

    • Target

      1178c6d76ef94bc3542b6c70e18bd0adf3ce14ea0904089acc3211a9b4713266_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
