Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

7e15584a54...cs.exe

windows7-x64

9

7e15584a54...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e15584a5431f847fceda386235675b90a7ddbf13fc80191f2f583c5ebc45ed1_NeikiAnalytics.exe

  • Size

    70KB

  • Sample

    240624-rewgrazamk

  • MD5

    1557953b457df8f204efab78bdd56260

  • SHA1

    8eb33ba27fe54f59762e3a586d61f2df8065d655

  • SHA256

    7e15584a5431f847fceda386235675b90a7ddbf13fc80191f2f583c5ebc45ed1

  • SHA512

    4bf63f9da592451f9d95663c571ca5c5d2974b442608b4cd26b548bc05737bb4bd024458a5030502096565104d64c6962b6ca982dd932fa888fd8d654f6c50bd

  • SSDEEP

    768:V7Blpf/FAK65euBT37CPKK0SjlVT7Blpf/FAK65euBT37CPKK0Sj8:V7Zf/FAxTW17Zf/FAxTW+

Score
9/10
ransomwareupx

Malware Config

Targets

    • Target

      7e15584a5431f847fceda386235675b90a7ddbf13fc80191f2f583c5ebc45ed1_NeikiAnalytics.exe

    • Size

      70KB

    • MD5

      1557953b457df8f204efab78bdd56260

    • SHA1

      8eb33ba27fe54f59762e3a586d61f2df8065d655

    • SHA256

      7e15584a5431f847fceda386235675b90a7ddbf13fc80191f2f583c5ebc45ed1

    • SHA512

      4bf63f9da592451f9d95663c571ca5c5d2974b442608b4cd26b548bc05737bb4bd024458a5030502096565104d64c6962b6ca982dd932fa888fd8d654f6c50bd

    • SSDEEP

      768:V7Blpf/FAK65euBT37CPKK0SjlVT7Blpf/FAK65euBT37CPKK0Sj8:V7Zf/FAxTW17Zf/FAxTW+

    Score
    9/10
    ransomwareupx

    • Renames multiple (4176) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks