Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b63bb79c57bf2f8a91ad512f309a5fd44596c5f57a840ed59f9200cb09ddd983_NeikiAnalytics.exe
-
Size
274KB
-
Sample
240629-wnemtawamq
-
MD5
665e74ffe2d50c5727ce8d60e7d68750
-
SHA1
bd46e6b4169d0e99d308626a58381d20e63227bf
-
SHA256
b63bb79c57bf2f8a91ad512f309a5fd44596c5f57a840ed59f9200cb09ddd983
-
SHA512
ec0dae28073645e8bcf31a9065d902dd1032d1304d06356137b5d7e5ad631f8517a08472c277e005c0fe104a507fe2f75b8fa54fe20797a72c387a079d61d742
-
SSDEEP
6144:A//ICMmDRxs3NBRoXMpbGljMxFjAIJZ0UiPQkLxcETJG4PhoIgP+:A//vi9B6D9MbjA+W5Y89J7
Malware Config
Targets
-
-
Target
b63bb79c57bf2f8a91ad512f309a5fd44596c5f57a840ed59f9200cb09ddd983_NeikiAnalytics.exe
-
Size
274KB
-
MD5
665e74ffe2d50c5727ce8d60e7d68750
-
SHA1
bd46e6b4169d0e99d308626a58381d20e63227bf
-
SHA256
b63bb79c57bf2f8a91ad512f309a5fd44596c5f57a840ed59f9200cb09ddd983
-
SHA512
ec0dae28073645e8bcf31a9065d902dd1032d1304d06356137b5d7e5ad631f8517a08472c277e005c0fe104a507fe2f75b8fa54fe20797a72c387a079d61d742
-
SSDEEP
6144:A//ICMmDRxs3NBRoXMpbGljMxFjAIJZ0UiPQkLxcETJG4PhoIgP+:A//vi9B6D9MbjA+W5Y89J7
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-