General

  • Target

    21bbabf0be3cf6ea0a792eaf8d416f00_NEIKI

  • Size

    199KB

  • Sample

    240507-y3qpqsdh2x

  • MD5

    21bbabf0be3cf6ea0a792eaf8d416f00

  • SHA1

    1bafe382147fa1d48252caaf606a1466b4b969ff

  • SHA256

    ba0a3085dc7b21d3013026efca1a6fa739e1e33eaa75504051c272cddef49043

  • SHA512

    808099a6f6e6fdf4ddc07bd89cee376a383e24ca294f5aa6ee82289e238db0b5b6a575ee8485470e621a55468ae5e819dd6248e3d02633ed9233c679cde3a0cb

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEXrWpcOPxPke+e3fFpsJOfFpsJbgEZ:tFPxPke+eIKFPxPke+eIZ

Score
9/10

Targets

    • Target

      21bbabf0be3cf6ea0a792eaf8d416f00_NEIKI

    • Renames multiple (346) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
