General

  • Target

    21caf9817ad9a743542c50f03941b2b0_NeikiAnalytics.exe

  • Size

    386KB

  • Sample

    240605-a93qwahb8w

  • MD5

    21caf9817ad9a743542c50f03941b2b0

  • SHA1

    b514d974da6dcd3624902d1c86c7f31e3fc47e44

  • SHA256

    67651753fd6686205120df7ab11a27454e852fd81d698b1886c69ec91aa0fea8

  • SHA512

    a75bd5a93e97798e2779ac9c44f21fbdec2610500be3b0ab13e9dd460d70e304b96dd0cb1989b80c2e1b3bdaedd673906f374288b213ff0f3a77b5927b2f7fe4

  • SSDEEP

    12288:VQtyZGtKgZGtK/CAIuZAIuQQtyZGtKgZGtK/CAIuZAIuj:VIt9It6

Score
9/10

Targets

    • Target

      21caf9817ad9a743542c50f03941b2b0_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4050) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
