Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

f0c09d88e8...cs.exe

windows7-x64

9

f0c09d88e8...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f0c09d88e8172c08d2b4f5e914479540_NeikiAnalytics.exe

  • Size

    155KB

  • Sample

    240601-nmfjqaca68

  • MD5

    f0c09d88e8172c08d2b4f5e914479540

  • SHA1

    2a6494b69972031ac9ae50b5667b267831f8af9c

  • SHA256

    6c8aee204389f6f3efd64dd4f7189f3c6552e506a5d680f8bcee9e5a90200798

  • SHA512

    37d3ffc4d665db4ddd4c9f1eb22d17dbad42aa23f90def3dd1e4f1b2c8d57b46254bb3a4ffd2350d92b1c23c321f225d7be5c579c5721faca13aa7b9c61f3d05

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUrt7t441e7WpP9oVLQthbYY9oVLQthbUrt7t44e:RqAGqA4

Score
9/10
ransomware

Malware Config

Targets

    • Target

      f0c09d88e8172c08d2b4f5e914479540_NeikiAnalytics.exe

    • Size

      155KB

    • MD5

      f0c09d88e8172c08d2b4f5e914479540

    • SHA1

      2a6494b69972031ac9ae50b5667b267831f8af9c

    • SHA256

      6c8aee204389f6f3efd64dd4f7189f3c6552e506a5d680f8bcee9e5a90200798

    • SHA512

      37d3ffc4d665db4ddd4c9f1eb22d17dbad42aa23f90def3dd1e4f1b2c8d57b46254bb3a4ffd2350d92b1c23c321f225d7be5c579c5721faca13aa7b9c61f3d05

    • SSDEEP

      3072:6e7WpP9oVLQthbYY9oVLQthbUrt7t441e7WpP9oVLQthbYY9oVLQthbUrt7t44e:RqAGqA4

    Score
    9/10
    ransomware

    • Renames multiple (4524) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks