Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
34b9ec9635bd29afd1dd1eaa6beb2660_NeikiAnalytics.exe
-
Size
134KB
-
Sample
240528-ganagagb5s
-
MD5
34b9ec9635bd29afd1dd1eaa6beb2660
-
SHA1
edfd8bc24f4be5581a911f381d411993715262da
-
SHA256
87fecce5ac6a15d7c468b9750ee7a4ac66f4edef2ee8d4d326c192af269d2e02
-
SHA512
ce2359f1a352d04e1279985ec4f147aedb1adba34984e3fec99cb51b58ff8d2ee86c62f0b6545983a7a985e9f1d0e8b8788219a018822ca25f57aeff4523d2b7
-
SSDEEP
1536:a7ZyqaFAlsr1++PJHJXFAIuZAIu67ZyqaFAlsr1++PJHJXFAIuZAIuzh3:enaym3AIuZAIu+naym3AIuZAIul
Behavioral task
behavioral1
Sample
34b9ec9635bd29afd1dd1eaa6beb2660_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
34b9ec9635bd29afd1dd1eaa6beb2660_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
34b9ec9635bd29afd1dd1eaa6beb2660_NeikiAnalytics.exe
-
Size
134KB
-
MD5
34b9ec9635bd29afd1dd1eaa6beb2660
-
SHA1
edfd8bc24f4be5581a911f381d411993715262da
-
SHA256
87fecce5ac6a15d7c468b9750ee7a4ac66f4edef2ee8d4d326c192af269d2e02
-
SHA512
ce2359f1a352d04e1279985ec4f147aedb1adba34984e3fec99cb51b58ff8d2ee86c62f0b6545983a7a985e9f1d0e8b8788219a018822ca25f57aeff4523d2b7
-
SSDEEP
1536:a7ZyqaFAlsr1++PJHJXFAIuZAIu67ZyqaFAlsr1++PJHJXFAIuZAIuzh3:enaym3AIuZAIu+naym3AIuZAIul
Score9/10-
Renames multiple (560) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-