General

  • Target

    aacd7405703934ee19f3a46d194d6270_NeikiAnalytics.exe

  • Size

    117KB

  • Sample

    240609-tjy5jsch85

  • MD5

    aacd7405703934ee19f3a46d194d6270

  • SHA1

    31e390edefe191ed51c79733dd15447261740413

  • SHA256

    e443ef834e7187c2e0936d81cdd7e3e372e9f6359e75a785a4ac16aca98c936b

  • SHA512

    4fb0a3a4e51e2dbbeb099f1d106e14892abdac9718a9cfc8254ea64ffb12cd5fd848b62408c6accf9dd612f80bff0bc77ac246328deada74ea13195a3498fb76

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsJOcTWn1++PJHJXA/OsIZfzc3/Q8asUsJOq3:KQSohsUsJQSohsUs/

Score
9/10

Targets

    • Target

      aacd7405703934ee19f3a46d194d6270_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (2210) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
