4df1f3c26e4e01599bdcb841240a616d2cdb7e6de8767d6eaf7ed9cfb3e7ae18 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

197013685a...cs.exe

windows7-x64

9

197013685a...cs.exe

windows10-2004-x64

9

Sharing

General

Target

197013685a01486764e20bef86eb7770_NeikiAnalytics.exe
Size

260KB
Sample

240604-a7yn5sfd3z
MD5

197013685a01486764e20bef86eb7770
SHA1

820cfb42dcda7a243f9e3b64d7e7ef8d1533bff0
SHA256

4df1f3c26e4e01599bdcb841240a616d2cdb7e6de8767d6eaf7ed9cfb3e7ae18
SHA512

aef480c44543235c1759e537038ea0dfdbc7703d5c4ed6de46cd595d4a5732fed1befd00d3c0c19e28f5e4bc6d1a456265e4c588013a95e3ee530c83cfee1f5d
SSDEEP

6144:RqlIyFESWu0SWuGSwxOqlIyFESWu0SWuGSwxw:tydy9

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

197013685a01486764e20bef86eb7770_NeikiAnalytics.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

197013685a01486764e20bef86eb7770_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  197013685a01486764e20bef86eb7770_NeikiAnalytics.exe
- Size
  
  260KB
- MD5
  
  197013685a01486764e20bef86eb7770
- SHA1
  
  820cfb42dcda7a243f9e3b64d7e7ef8d1533bff0
- SHA256
  
  4df1f3c26e4e01599bdcb841240a616d2cdb7e6de8767d6eaf7ed9cfb3e7ae18
- SHA512
  
  aef480c44543235c1759e537038ea0dfdbc7703d5c4ed6de46cd595d4a5732fed1befd00d3c0c19e28f5e4bc6d1a456265e4c588013a95e3ee530c83cfee1f5d
- SSDEEP
  
  6144:RqlIyFESWu0SWuGSwxOqlIyFESWu0SWuGSwxw:tydy9
Score

9^/10

ransomware
- Renames multiple (4415) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy