Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aacd7405703934ee19f3a46d194d6270_NeikiAnalytics.exe
-
Size
117KB
-
Sample
240609-tjy5jsch85
-
MD5
aacd7405703934ee19f3a46d194d6270
-
SHA1
31e390edefe191ed51c79733dd15447261740413
-
SHA256
e443ef834e7187c2e0936d81cdd7e3e372e9f6359e75a785a4ac16aca98c936b
-
SHA512
4fb0a3a4e51e2dbbeb099f1d106e14892abdac9718a9cfc8254ea64ffb12cd5fd848b62408c6accf9dd612f80bff0bc77ac246328deada74ea13195a3498fb76
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsJOcTWn1++PJHJXA/OsIZfzc3/Q8asUsJOq3:KQSohsUsJQSohsUs/
Behavioral task
behavioral1
Sample
aacd7405703934ee19f3a46d194d6270_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
aacd7405703934ee19f3a46d194d6270_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
aacd7405703934ee19f3a46d194d6270_NeikiAnalytics.exe
-
Size
117KB
-
MD5
aacd7405703934ee19f3a46d194d6270
-
SHA1
31e390edefe191ed51c79733dd15447261740413
-
SHA256
e443ef834e7187c2e0936d81cdd7e3e372e9f6359e75a785a4ac16aca98c936b
-
SHA512
4fb0a3a4e51e2dbbeb099f1d106e14892abdac9718a9cfc8254ea64ffb12cd5fd848b62408c6accf9dd612f80bff0bc77ac246328deada74ea13195a3498fb76
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsJOcTWn1++PJHJXA/OsIZfzc3/Q8asUsJOq3:KQSohsUsJQSohsUs/
Score9/10-
Renames multiple (2210) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-