General
-
Target
7af64141386ac345156d5f2918ea5240_NeikiAnalytics.exe
-
Size
161KB
-
Sample
240531-haztyaah45
-
MD5
7af64141386ac345156d5f2918ea5240
-
SHA1
7806b2f45fb0470e9354c1e5d1053dd192cbfc98
-
SHA256
66a153172656ade296964de90044752705517c0ea0eb69d56405ca20a612bdc6
-
SHA512
80c60df6ba998a324dd9424d72f577f2ad5058704e108b9065542be383f2e5e9b256879fe712fcd1592c67fd220de4a4c2e0fb90a96f627436aab976597592b4
-
SSDEEP
1536:W7ZDpApYbWj2WTWJe+e/qXW7ZDpApYbWj2WTWJe+e/qXsyw:6DWpaWTWJe+e9DWpaWTWJe+e3
Static task
static1
Behavioral task
behavioral1
Sample
7af64141386ac345156d5f2918ea5240_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
7af64141386ac345156d5f2918ea5240_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
7af64141386ac345156d5f2918ea5240_NeikiAnalytics.exe
-
Score
9/10
-
Renames multiple (3994) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-