Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

3bd042641e...cs.exe

windows7-x64

9

3bd042641e...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3bd042641e358709f6fd45e1c62598b7d195e27461411d2a161889a3daa7cf63_NeikiAnalytics.exe

  • Size

    177KB

  • Sample

    240625-hfjpxaybrl

  • MD5

    5980497445ba4627aab56a5b7d33fdc0

  • SHA1

    c22b81bcb14ef5130238702e442d003f3ebb171d

  • SHA256

    3bd042641e358709f6fd45e1c62598b7d195e27461411d2a161889a3daa7cf63

  • SHA512

    c847262600df90b111a9b310a870a257609e1fe559e5cfc2992c59e055a9baf26753fb5ea16f73e8ef31f98ae5817ac9233b60c4bea11d12639c8ed091e17327

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUv/e7WpP9oVLQthbYY9oVLQthbUvgMhMd:RqAeqAE

Score
9/10
ransomware

Malware Config

Targets

    • Target

      3bd042641e358709f6fd45e1c62598b7d195e27461411d2a161889a3daa7cf63_NeikiAnalytics.exe

    • Size

      177KB

    • MD5

      5980497445ba4627aab56a5b7d33fdc0

    • SHA1

      c22b81bcb14ef5130238702e442d003f3ebb171d

    • SHA256

      3bd042641e358709f6fd45e1c62598b7d195e27461411d2a161889a3daa7cf63

    • SHA512

      c847262600df90b111a9b310a870a257609e1fe559e5cfc2992c59e055a9baf26753fb5ea16f73e8ef31f98ae5817ac9233b60c4bea11d12639c8ed091e17327

    • SSDEEP

      3072:6e7WpP9oVLQthbYY9oVLQthbUv/e7WpP9oVLQthbYY9oVLQthbUvgMhMd:RqAeqAE

    Score
    9/10
    ransomware

    • Renames multiple (3888) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks