General

  • Target

    579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe

  • Size

    80KB

  • Sample

    240628-bn4lqashpe

  • MD5

    0ae3d95b5f1dc0e488cf6adca547c410

  • SHA1

    232c2b01e817705621b4df9382d4c95da93fc8d2

  • SHA256

    579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9

  • SHA512

    8387e38235866a80dbfa1201fa615e56c2f63e4934e4a64bb1440906ff52d6b5ab4d27e81217ac59931c81c6a1d7edbbd100e577a05186cc7eff9422a2980f33

  • SSDEEP

    1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhD:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsm

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3529) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.
