Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

55e1efed69...cs.exe

windows7-x64

9

55e1efed69...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55e1efed695b6feac51297b7270da840_NeikiAnalytics.exe

  • Size

    187KB

  • Sample

    240613-ch532a1ald

  • MD5

    55e1efed695b6feac51297b7270da840

  • SHA1

    3361f4bbdc13b3a39bc2a470a054ef7444386c5a

  • SHA256

    8d2ffd0a60467546b192e6a9a734d14d2b9aa8ce26099c3d865ffffefa3666b2

  • SHA512

    ed22f661905cb13eb2f4e2027ef0dd34971852b192eb63d6d2370ff0fd4004c4dcd36a113a7096f11404645085f83756e97cf4abe8c00b8d3cc232d2c18ee7a8

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXa+e7WpMaxeb0CYJ97lEYNR73e+eKZ0VX8:RqKvb0CYJ973e+eKZ0VOqKvb0CYJ973J

Score
9/10
ransomware

Malware Config

Targets

    • Target

      55e1efed695b6feac51297b7270da840_NeikiAnalytics.exe

    • Size

      187KB

    • MD5

      55e1efed695b6feac51297b7270da840

    • SHA1

      3361f4bbdc13b3a39bc2a470a054ef7444386c5a

    • SHA256

      8d2ffd0a60467546b192e6a9a734d14d2b9aa8ce26099c3d865ffffefa3666b2

    • SHA512

      ed22f661905cb13eb2f4e2027ef0dd34971852b192eb63d6d2370ff0fd4004c4dcd36a113a7096f11404645085f83756e97cf4abe8c00b8d3cc232d2c18ee7a8

    • SSDEEP

      3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXa+e7WpMaxeb0CYJ97lEYNR73e+eKZ0VX8:RqKvb0CYJ973e+eKZ0VOqKvb0CYJ973J

    Score
    9/10
    ransomware

    • Renames multiple (4451) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks