General

  • Target

    28265cb158a5c74bbd1690adc9d60db0_NeikiAnalytics

  • Size

    226KB

  • Sample

    240510-28r2jaab49

  • MD5

    28265cb158a5c74bbd1690adc9d60db0

  • SHA1

    6bffc78aa7e53045a606109b4d4916b1c083c352

  • SHA256

    6444f61b50d4ce24d7ef11b5b8e767a29ee2db73880f914a489d8cda3eb7bdca

  • SHA512

    ccfb6f29c598831bcdb2ffd7536b9fbc0867dc20351cc8203663ca0c0945f87828dca2cbaf8643c98d951a9acbce9956455439fd8752829e6196bba920b0c558

  • SSDEEP

    6144:RqlIyFESWu0SWuGSXqlIyFESWu0SWuGSC:tydyQ

Score
9/10

Targets

    • Renames multiple (4439) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
