Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

00be27cb2c...KI.exe

windows7-x64

9

00be27cb2c...KI.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00be27cb2cbcf925306971cdba59bc30_NEIKI

  • Size

    149KB

  • Sample

    240509-j5trvabe52

  • MD5

    00be27cb2cbcf925306971cdba59bc30

  • SHA1

    5ebcf99b330b701f2961187b3fefe6b835b38ac4

  • SHA256

    7c8261ccb976c2d741f24e1891ed3f767fc91a54d72a4fa261946ef056a747e3

  • SHA512

    2f3edb0da6f3533f9911fb9ed1a88270359de18b11824e6fcf34dc592b292ab536d883319d7d357e05cbfebd6bc5596c5d2a511665fa3c62effb9749c80e7178

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZEe7WpMaxeb0CYJ97lEYNR73e+eKZ2:RqKvb0CYJ973e+eKZPqKvb0CYJ973e+U

Score
9/10
ransomware

Malware Config

Targets

    • Target

      00be27cb2cbcf925306971cdba59bc30_NEIKI

    • Size

      149KB

    • MD5

      00be27cb2cbcf925306971cdba59bc30

    • SHA1

      5ebcf99b330b701f2961187b3fefe6b835b38ac4

    • SHA256

      7c8261ccb976c2d741f24e1891ed3f767fc91a54d72a4fa261946ef056a747e3

    • SHA512

      2f3edb0da6f3533f9911fb9ed1a88270359de18b11824e6fcf34dc592b292ab536d883319d7d357e05cbfebd6bc5596c5d2a511665fa3c62effb9749c80e7178

    • SSDEEP

      3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZEe7WpMaxeb0CYJ97lEYNR73e+eKZ2:RqKvb0CYJ973e+eKZPqKvb0CYJ973e+U

    Score
    9/10
    ransomware

    • Renames multiple (3730) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks