Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b54648f48936c6e51f8790fb25c3f080_NeikiAnalytics
-
Size
203KB
-
Sample
240514-kxw3nshe2v
-
MD5
b54648f48936c6e51f8790fb25c3f080
-
SHA1
3382e65d6e942c74e2402dcbfabd0f3a133765a4
-
SHA256
52d4bee3f235b07e109a40ec41cb0d328187d641006b9b889b1bc5c26f4a1d64
-
SHA512
28196c71100e16673e70a9cdbb102b5873ee73e34f062d2ab4e1777848de1c354fd285e2afd7e48f2f220070b47b37ed872d71595399d9c38307dfd0c7e0fa45
-
SSDEEP
6144:RqKvb0CYJ973e+eKZ6guqKvb0CYJ973e+eKZ6g7:vvbxYX7Z6gmvbxYX7Z6g7
Static task
static1
Behavioral task
behavioral1
Sample
b54648f48936c6e51f8790fb25c3f080_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b54648f48936c6e51f8790fb25c3f080_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
b54648f48936c6e51f8790fb25c3f080_NeikiAnalytics
-
Size
203KB
-
MD5
b54648f48936c6e51f8790fb25c3f080
-
SHA1
3382e65d6e942c74e2402dcbfabd0f3a133765a4
-
SHA256
52d4bee3f235b07e109a40ec41cb0d328187d641006b9b889b1bc5c26f4a1d64
-
SHA512
28196c71100e16673e70a9cdbb102b5873ee73e34f062d2ab4e1777848de1c354fd285e2afd7e48f2f220070b47b37ed872d71595399d9c38307dfd0c7e0fa45
-
SSDEEP
6144:RqKvb0CYJ973e+eKZ6guqKvb0CYJ973e+eKZ6g7:vvbxYX7Z6gmvbxYX7Z6g7
Score9/10-
Renames multiple (607) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-