Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

b54648f489...cs.exe

windows7-x64

9

b54648f489...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b54648f48936c6e51f8790fb25c3f080_NeikiAnalytics

  • Size

    203KB

  • Sample

    240514-kxw3nshe2v

  • MD5

    b54648f48936c6e51f8790fb25c3f080

  • SHA1

    3382e65d6e942c74e2402dcbfabd0f3a133765a4

  • SHA256

    52d4bee3f235b07e109a40ec41cb0d328187d641006b9b889b1bc5c26f4a1d64

  • SHA512

    28196c71100e16673e70a9cdbb102b5873ee73e34f062d2ab4e1777848de1c354fd285e2afd7e48f2f220070b47b37ed872d71595399d9c38307dfd0c7e0fa45

  • SSDEEP

    6144:RqKvb0CYJ973e+eKZ6guqKvb0CYJ973e+eKZ6g7:vvbxYX7Z6gmvbxYX7Z6g7

Score
9/10
ransomware

Malware Config

Targets

    • Target

      b54648f48936c6e51f8790fb25c3f080_NeikiAnalytics

    • Size

      203KB

    • MD5

      b54648f48936c6e51f8790fb25c3f080

    • SHA1

      3382e65d6e942c74e2402dcbfabd0f3a133765a4

    • SHA256

      52d4bee3f235b07e109a40ec41cb0d328187d641006b9b889b1bc5c26f4a1d64

    • SHA512

      28196c71100e16673e70a9cdbb102b5873ee73e34f062d2ab4e1777848de1c354fd285e2afd7e48f2f220070b47b37ed872d71595399d9c38307dfd0c7e0fa45

    • SSDEEP

      6144:RqKvb0CYJ973e+eKZ6guqKvb0CYJ973e+eKZ6g7:vvbxYX7Z6gmvbxYX7Z6g7

    Score
    9/10
    ransomware

    • Renames multiple (607) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks