General

  • Target

    48a59cc1821a2b63a834a881c1e1e4e0_NeikiAnalytics

  • Size

    145KB

  • Sample

    240515-2j89hsff3t

  • MD5

    48a59cc1821a2b63a834a881c1e1e4e0

  • SHA1

    4175341dcceb2cc3403d5ec5a59631386a520f71

  • SHA256

    370b1016153cb4dd29c435916ae4e618f155c2aac805eed0f97f1e625f277286

  • SHA512

    d47451de5faf403fc12446cbdb64e98f6fe32a47cc305e58f66b6408c157da9798c6cb159765752f7f0a369ce2bf40f54fbb2d6653bf14c99ec488dae6d984df

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZMe7WpMaxeb0CYJ97lEYNR73e+eKZ1:RqKvb0CYJ973e+eKZXqKvb0CYJ973e+T

Score
9/10

Targets

    • Target

      48a59cc1821a2b63a834a881c1e1e4e0_NeikiAnalytics

    Score
    9/10
    • Renames multiple (4112) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
