Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

21caf9817a...cs.exe

windows7-x64

9

21caf9817a...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21caf9817ad9a743542c50f03941b2b0_NeikiAnalytics.exe

  • Size

    386KB

  • Sample

    240605-a93qwahb8w

  • MD5

    21caf9817ad9a743542c50f03941b2b0

  • SHA1

    b514d974da6dcd3624902d1c86c7f31e3fc47e44

  • SHA256

    67651753fd6686205120df7ab11a27454e852fd81d698b1886c69ec91aa0fea8

  • SHA512

    a75bd5a93e97798e2779ac9c44f21fbdec2610500be3b0ab13e9dd460d70e304b96dd0cb1989b80c2e1b3bdaedd673906f374288b213ff0f3a77b5927b2f7fe4

  • SSDEEP

    12288:VQtyZGtKgZGtK/CAIuZAIuQQtyZGtKgZGtK/CAIuZAIuj:VIt9It6

Score
9/10
ransomwareupx

Malware Config

Targets

    • Target

      21caf9817ad9a743542c50f03941b2b0_NeikiAnalytics.exe

    • Size

      386KB

    • MD5

      21caf9817ad9a743542c50f03941b2b0

    • SHA1

      b514d974da6dcd3624902d1c86c7f31e3fc47e44

    • SHA256

      67651753fd6686205120df7ab11a27454e852fd81d698b1886c69ec91aa0fea8

    • SHA512

      a75bd5a93e97798e2779ac9c44f21fbdec2610500be3b0ab13e9dd460d70e304b96dd0cb1989b80c2e1b3bdaedd673906f374288b213ff0f3a77b5927b2f7fe4

    • SSDEEP

      12288:VQtyZGtKgZGtK/CAIuZAIuQQtyZGtKgZGtK/CAIuZAIuj:VIt9It6

    Score
    9/10
    ransomwareupx

    • Renames multiple (4050) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks