General
-
Target
c7941ddb367c6d18dfeda0aa2f38e3b0_NeikiAnalytics
-
Size
66KB
-
Sample
240514-p82jragc5s
-
MD5
c7941ddb367c6d18dfeda0aa2f38e3b0
-
SHA1
cfec0f7d77e4660f041b49f1b4bcf8d594f6c1b0
-
SHA256
b85cf426b273c087d5da9ed474d7aea16b546d5f42fab4a199f63a6240b0a50d
-
SHA512
60ccbba71070f5e053cbe20343fefe343ba17b6c87139e5f2cf04ca4f758cf593b7c0f2d318a65f83ecfa010087d4c2983db5ac2d6608ba4aeab3d3c7097f710
-
SSDEEP
1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0yUPqrDZh:ymb3NkkiQ3mdBjF0yUm/
Static task
static1
Behavioral task
behavioral1
Sample
c7941ddb367c6d18dfeda0aa2f38e3b0_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
c7941ddb367c6d18dfeda0aa2f38e3b0_NeikiAnalytics
-
Detect Blackmoon payload
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-