General

  • Target

    518c8656f735efa1399cb53cc08ee4fe58497cdb8e26b2462723eece76992c7a_NeikiAnalytics.exe

  • Size

    141KB

  • Sample

    240620-lphqravdqk

  • MD5

    60a7760e0ec48f77bd1d1d29b1d498d0

  • SHA1

    1b1276350adead01831de2b9509b199483504f57

  • SHA256

    518c8656f735efa1399cb53cc08ee4fe58497cdb8e26b2462723eece76992c7a

  • SHA512

    60cc5382086d722e07ab4249dbf957cd5a04d942873fe3dd64932b6c8c1fefa274b395b8b6cfac112e933bc4981ca851b15da2ee1735ca13c971d30ab6fdbe7f

  • SSDEEP

    1536:W7ZDpApYbWjIoPyPoLzV7c6Sh1X+7ZDpApYbWjIoPyPoLzV7c6ShE:6DWpvDWpj

Score
9/10

Targets

    • Renames multiple (5835) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
