Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

863d145abc...cs.exe

windows7-x64

7

863d145abc...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    863d145abc27e7a006ba1358b68c87366c8b571bb7ad489446c050d6e93d3fef_NeikiAnalytics.exe

  • Size

    68KB

  • Sample

    240628-fg8pbasbqd

  • MD5

    0efef0d68bf54740873e19ac132e8300

  • SHA1

    feeec8c53613c6ab52818a0d30cea4c3a0470dcc

  • SHA256

    863d145abc27e7a006ba1358b68c87366c8b571bb7ad489446c050d6e93d3fef

  • SHA512

    b891367f31996d2dc895e724a8ed21e877dda3e96024af9b209dd54fdbdefa012ea55b90467444e11e5b23fadb5f2131f345ca96ad505da86f63e42d3aafc026

  • SSDEEP

    768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcmnGUNGU4EXBwzEXBwnR5hrxR5hrs:/7ZQpApze+eJfFpsJOfFpsJeFrxFrs

Score
9/10
ransomware

Malware Config

Targets

    • Target

      863d145abc27e7a006ba1358b68c87366c8b571bb7ad489446c050d6e93d3fef_NeikiAnalytics.exe

    • Size

      68KB

    • MD5

      0efef0d68bf54740873e19ac132e8300

    • SHA1

      feeec8c53613c6ab52818a0d30cea4c3a0470dcc

    • SHA256

      863d145abc27e7a006ba1358b68c87366c8b571bb7ad489446c050d6e93d3fef

    • SHA512

      b891367f31996d2dc895e724a8ed21e877dda3e96024af9b209dd54fdbdefa012ea55b90467444e11e5b23fadb5f2131f345ca96ad505da86f63e42d3aafc026

    • SSDEEP

      768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcmnGUNGU4EXBwzEXBwnR5hrxR5hrs:/7ZQpApze+eJfFpsJOfFpsJeFrxFrs

    Score
    9/10
    ransomware

    • Renames multiple (5193) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks