General

  • Target

    7af64141386ac345156d5f2918ea5240_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240531-haztyaah45

  • MD5

    7af64141386ac345156d5f2918ea5240

  • SHA1

    7806b2f45fb0470e9354c1e5d1053dd192cbfc98

  • SHA256

    66a153172656ade296964de90044752705517c0ea0eb69d56405ca20a612bdc6

  • SHA512

    80c60df6ba998a324dd9424d72f577f2ad5058704e108b9065542be383f2e5e9b256879fe712fcd1592c67fd220de4a4c2e0fb90a96f627436aab976597592b4

  • SSDEEP

    1536:W7ZDpApYbWj2WTWJe+e/qXW7ZDpApYbWj2WTWJe+e/qXsyw:6DWpaWTWJe+e9DWpaWTWJe+e3

Score
9/10

Targets

    • Renames multiple (3994) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
