Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

518c8656f7...cs.exe

windows7-x64

9

518c8656f7...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    518c8656f735efa1399cb53cc08ee4fe58497cdb8e26b2462723eece76992c7a_NeikiAnalytics.exe

  • Size

    141KB

  • Sample

    240620-lphqravdqk

  • MD5

    60a7760e0ec48f77bd1d1d29b1d498d0

  • SHA1

    1b1276350adead01831de2b9509b199483504f57

  • SHA256

    518c8656f735efa1399cb53cc08ee4fe58497cdb8e26b2462723eece76992c7a

  • SHA512

    60cc5382086d722e07ab4249dbf957cd5a04d942873fe3dd64932b6c8c1fefa274b395b8b6cfac112e933bc4981ca851b15da2ee1735ca13c971d30ab6fdbe7f

  • SSDEEP

    1536:W7ZDpApYbWjIoPyPoLzV7c6Sh1X+7ZDpApYbWjIoPyPoLzV7c6ShE:6DWpvDWpj

Score
9/10
ransomware

Malware Config

Targets

    • Target

      518c8656f735efa1399cb53cc08ee4fe58497cdb8e26b2462723eece76992c7a_NeikiAnalytics.exe

    • Size

      141KB

    • MD5

      60a7760e0ec48f77bd1d1d29b1d498d0

    • SHA1

      1b1276350adead01831de2b9509b199483504f57

    • SHA256

      518c8656f735efa1399cb53cc08ee4fe58497cdb8e26b2462723eece76992c7a

    • SHA512

      60cc5382086d722e07ab4249dbf957cd5a04d942873fe3dd64932b6c8c1fefa274b395b8b6cfac112e933bc4981ca851b15da2ee1735ca13c971d30ab6fdbe7f

    • SSDEEP

      1536:W7ZDpApYbWjIoPyPoLzV7c6Sh1X+7ZDpApYbWjIoPyPoLzV7c6ShE:6DWpvDWpj

    Score
    9/10
    ransomware

    • Renames multiple (5835) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks