Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
-
Size
1.4MB
-
Sample
240629-p9x8qa1cmm
-
MD5
767d7bd9be09dea4533b55c2ca564200
-
SHA1
4519e35d8b67439347be06ac86d568363c1727e4
-
SHA256
ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34
-
SHA512
84473e3f39e4bb78d2f3268b707dcb1cbd03a3c7d66064c7f52c78f9b9281190b003c390d087543cab066525cbac0abf4435f05fc42171043f4edf8c0ea1f97a
-
SSDEEP
24576:2wCjAz2JLbE6UH0swuQRd/6cRHXUDoQDZi7GZl+7XQWxw9FHKKKbzvU:hzK1oH0FecdUDfi78XFqKyvU
Malware Config
Targets
-
-
Target
ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
-
Size
1.4MB
-
MD5
767d7bd9be09dea4533b55c2ca564200
-
SHA1
4519e35d8b67439347be06ac86d568363c1727e4
-
SHA256
ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34
-
SHA512
84473e3f39e4bb78d2f3268b707dcb1cbd03a3c7d66064c7f52c78f9b9281190b003c390d087543cab066525cbac0abf4435f05fc42171043f4edf8c0ea1f97a
-
SSDEEP
24576:2wCjAz2JLbE6UH0swuQRd/6cRHXUDoQDZi7GZl+7XQWxw9FHKKKbzvU:hzK1oH0FecdUDfi78XFqKyvU
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-