Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8921e5cf8a1621a783e03cb5b2f9ab50_NeikiAnalytics.exe
-
Size
3.1MB
-
Sample
240601-cezrvadh9v
-
MD5
8921e5cf8a1621a783e03cb5b2f9ab50
-
SHA1
e554bb937a1efe634421444e2447edbf66bb3bfa
-
SHA256
c2be5e89dbdeea8beb800a041bf67e7c2d133ede3193995c47c0fd302ac218d0
-
SHA512
23756f76000850eacb323010beb8dd080099639b4dd174cc1796fd3df69d9a6e6be2a152814c170cefaae476a90b3ba1034ffb2c34e30e0e3cade1e95049b5f0
-
SSDEEP
98304:N0GnJMOWPClFdx6e0EALKWVTffZiPAcRq6jHjc4Y:NFWPClFI
Malware Config
Targets
-
-
Target
8921e5cf8a1621a783e03cb5b2f9ab50_NeikiAnalytics.exe
-
Size
3.1MB
-
MD5
8921e5cf8a1621a783e03cb5b2f9ab50
-
SHA1
e554bb937a1efe634421444e2447edbf66bb3bfa
-
SHA256
c2be5e89dbdeea8beb800a041bf67e7c2d133ede3193995c47c0fd302ac218d0
-
SHA512
23756f76000850eacb323010beb8dd080099639b4dd174cc1796fd3df69d9a6e6be2a152814c170cefaae476a90b3ba1034ffb2c34e30e0e3cade1e95049b5f0
-
SSDEEP
98304:N0GnJMOWPClFdx6e0EALKWVTffZiPAcRq6jHjc4Y:NFWPClFI
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-