General

  • Target

    2fbd757b752a1868fc1055921bec26e0_NeikiAnalytics.exe

  • Size

    198KB

  • Sample

    240602-d6w1pshf2v

  • MD5

    2fbd757b752a1868fc1055921bec26e0

  • SHA1

    9419329138817ab43210ef072378db5722a241f1

  • SHA256

    cf206c9b03329189b086877290b06bb4dfc49c9fb639a66a58ddcf6ffa7c2afd

  • SHA512

    0c37bd9fdb0a2241ef9053aa433a8e3c8ecb8a20ecf3207d8ca96852ef0e4bce31faf118b8e2555aa0fa8655dd98892fb3799ba0783550d476e69a7e7f7ff0d3

  • SSDEEP

    3072:fnymCAIuZAIuYSMjoqtMHfhflixivKtjXZfHg9flZo:KmCAIuZAIuDMVtM/cjBHg9f3o

Score
9/10

Targets

    • Renames multiple (3145) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
