General

  • Target

    197013685a01486764e20bef86eb7770_NeikiAnalytics.exe

  • Size

    260KB

  • Sample

    240604-a7yn5sfd3z

  • MD5

    197013685a01486764e20bef86eb7770

  • SHA1

    820cfb42dcda7a243f9e3b64d7e7ef8d1533bff0

  • SHA256

    4df1f3c26e4e01599bdcb841240a616d2cdb7e6de8767d6eaf7ed9cfb3e7ae18

  • SHA512

    aef480c44543235c1759e537038ea0dfdbc7703d5c4ed6de46cd595d4a5732fed1befd00d3c0c19e28f5e4bc6d1a456265e4c588013a95e3ee530c83cfee1f5d

  • SSDEEP

    6144:RqlIyFESWu0SWuGSwxOqlIyFESWu0SWuGSwxw:tydy9

Score
9/10

Targets

    • Renames multiple (4415) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
