General

  • Target

    339fa6cd495ab20cf7440f885f96dae0_NeikiAnalytics

  • Size

    314KB

  • Sample

    240515-zseedsbh77

  • MD5

    339fa6cd495ab20cf7440f885f96dae0

  • SHA1

    8f85e0004035552c8492a9641a54ea6ab4b9031f

  • SHA256

    df6714ee2e47743752bfba8391e00df6269cb0b8185b45a13546d603f7f08091

  • SHA512

    076ef280aed4b2b2b7793aab9a4e05d1d34ced86f3037a3ec74d31d7ca043f9405ff538a4fb41bcc889485081b72a370b6640bfe9f486e86b1c6db831e7eb55f

  • SSDEEP

    6144:KQSo1EZGtKgZGtK/CAIuZAIuaQSo1EZGtKgZGtK/CAIuZAIuo:KQtyZGtKgZGtK/CAIuZAIuaQtyZGtKgF

Score
9/10

Targets

    • Renames multiple (4206) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
