General
Target: a8af282ed1f586bc6e99955b37a269801c99274e76e9490a45c051cbce2c5379_NeikiAnalytics.exe
Size: 1.5MB
Sample: 240628-yk6y1atbql
MD5: 75a5df610f72c41f1e2bd4cf025e9340
SHA1: 4e6a55d161c141af30ab748d7e751fb4a3d64838
SHA256: a8af282ed1f586bc6e99955b37a269801c99274e76e9490a45c051cbce2c5379
SHA512: 2c150a8378d426195694060b395f4369a92ad78c3b8777019915eacf2b19d1233d2a97b3e9c4ac7d3e0487f943a104e0aeccfb54a5cfe79bc18097e46778af9f
SSDEEP: 24576:sWLkfcUos6EE3DjLOtZH1uO+XOnOBcjzcsPQjqh8Omo4oNM6E0/edzl9pl8TUv2j:BLkfc/L/LQuO+enNFH4o1NeJYTKW2E
Static task: static1

Behavioral task: behavioral1
Sample: a8af282ed1f586bc6e99955b37a269801c99274e76e9490a45c051cbce2c5379_NeikiAnalytics.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: a8af282ed1f586bc6e99955b37a269801c99274e76e9490a45c051cbce2c5379_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: a8af282ed1f586bc6e99955b37a269801c99274e76e9490a45c051cbce2c5379_NeikiAnalytics.exe
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Drops file in System32 directory