Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

86dc41d03f...cs.exe

windows7-x64

9

86dc41d03f...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/05/2024, 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    86dc41d03f622705140c7b6a71967fd0_NeikiAnalytics.exe

  • Size

    93KB

  • MD5

    86dc41d03f622705140c7b6a71967fd0

  • SHA1

    d22314168952740391b70c934418c2f5323a45c5

  • SHA256

    3ee72d2a46b16b007fc31a5586d50d50f65451482461fdcf9f995e717633c27d

  • SHA512

    a4e9be4a7bdd3a4aaf6227866cd586a7c9a9f2a55422e5e6a1686481bfae2c2683843c742ebf8af9ae5aa1a8c8a2a6459b768f89dbfd926c633d0d34655b0692

  • SSDEEP

    1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP76PDn+I+9:6rWpcOPxPke+e3fFpsJOfFpsJbgEODm

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (927) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86dc41d03f622705140c7b6a71967fd0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\86dc41d03f622705140c7b6a71967fd0_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4860
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3808 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2656

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\$Recycle.Bin\S-1-5-21-3808065738-1666277613-1125846146-1000\desktop.ini.tmp
      Filesize

      93KB

      MD5

      e944d1244fd79cd18f20f87d670e06d7

      SHA1

      5f10884bbb973998e74b2934545525d632c90560

      SHA256

      3f8c649926bfdf8552b0132d9ad0d78baf53d60abfc6debf271aa8aba6424b9c

      SHA512

      4218e8651a7f30af4342aada99022f7e9191489e2d2a3bbf05a1046e2806945fdcd64e84fa6e342ed003a47a6d4df8e32f5bd321662cff80ef8d38869145c5c9

      Download Submit

    • C:\libsmartscreen.dll.tmp
      Filesize

      93KB

      MD5

      3231f03b57b752581d90b790e08acaee

      SHA1

      1f19a96540f069462345f64d36c18adee3fc4856

      SHA256

      ea3081836e5ffc75ea6d8d8bd330a169b9750506eb352714c7ed422592cdeeca

      SHA512

      9e801a53094e20aae865e849ed704945552c5954b8e38c8ed34349887f9a996e4fd7ede00781b940ed6720a0c1a154463aa5e54cb14df224cc5f116277545190

      Download Submit