General

  • Target

    3d78e0deaf67cb40b9988a11f6c35e6c911a263c545b304f320084b43394541b_NeikiAnalytics.exe

  • Size

    112KB

  • Sample

    240625-hp2xvaydpm

  • MD5

    2133ee2e2dcd48f472d2dcf430d93980

  • SHA1

    d1a5d10e60248e608c6a217a752f4a7516c44c80

  • SHA256

    3d78e0deaf67cb40b9988a11f6c35e6c911a263c545b304f320084b43394541b

  • SHA512

    c6c19b31d66d54b116aa4820eeee24ce7463784183f0bbd4b26b156d9cf8f42885484b666a90a7d4106f666bab2a49e2e9a117ca059aa9af114971a76a3dafa3

  • SSDEEP

    3072:9QWpze+eJfFpsJOfFpsJYu4g7gVQWpze+eJfFpsJOfFpsJYu4g7gS:Lpe+eXg7gjpe+eXg7gS

Score
9/10

Targets

    • Renames multiple (1482) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
