Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

9cb52e5581...cs.exe

windows7-x64

9

9cb52e5581...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9cb52e5581a3cc9398d999cc4194599735c8375aabd8020f1b6a29ee60a53f22_NeikiAnalytics.exe

  • Size

    132KB

  • Sample

    240628-r1smzsvbpb

  • MD5

    d2e3fae4133c39b39e04caf8cfdbc9a0

  • SHA1

    2331e643c40235c8d81cef7e8258866d986ea058

  • SHA256

    9cb52e5581a3cc9398d999cc4194599735c8375aabd8020f1b6a29ee60a53f22

  • SHA512

    78ec0bb1c53abaea49ebcf04cb49c7902e8f54dab7cefda6b2e6595f318910a5fb81bb053e31ba6c5c91c957ec84a3ceb8f8cf9ac4dd31add2c710049e402b7a

  • SSDEEP

    1536:W7ZNLpApCZuvIYYoYoN7n97n47ZNLpApCZuvIYYoYoN7n97nz:6NLWpCZLYpZ4NLWpCZLYpZz

Score
9/10
ransomware

Malware Config

Targets

    • Target

      9cb52e5581a3cc9398d999cc4194599735c8375aabd8020f1b6a29ee60a53f22_NeikiAnalytics.exe

    • Size

      132KB

    • MD5

      d2e3fae4133c39b39e04caf8cfdbc9a0

    • SHA1

      2331e643c40235c8d81cef7e8258866d986ea058

    • SHA256

      9cb52e5581a3cc9398d999cc4194599735c8375aabd8020f1b6a29ee60a53f22

    • SHA512

      78ec0bb1c53abaea49ebcf04cb49c7902e8f54dab7cefda6b2e6595f318910a5fb81bb053e31ba6c5c91c957ec84a3ceb8f8cf9ac4dd31add2c710049e402b7a

    • SSDEEP

      1536:W7ZNLpApCZuvIYYoYoN7n97n47ZNLpApCZuvIYYoYoN7n97nz:6NLWpCZLYpZ4NLWpCZLYpZz

    Score
    9/10
    ransomware

    • Renames multiple (4705) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks