Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe
-
Size
144KB
-
Sample
240629-a3tjmazdkk
-
MD5
2cfe920cd8c5eecd65559d6cc89b8800
-
SHA1
d974c37b1058e2a5692704404085b2c955ba6326
-
SHA256
3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93
-
SHA512
925d370579234bbf7066e04fc12be3eeb917b08b6609a4d20048b92241647a59837c0757b3815494119543083ac4e6fc0b3dc59158d9723207b3c68e4e8b0612
-
SSDEEP
1536:W7ZNLpApCZuvIYYoYoN7n97nYosbos67ZNLpApCZuvIYYoYoN7n97nYosbos3:6NLWpCZLYpZiX+NLWpCZLYpZiX3
Static task
static1
Behavioral task
behavioral1
Sample
3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe
-
Size
144KB
-
MD5
2cfe920cd8c5eecd65559d6cc89b8800
-
SHA1
d974c37b1058e2a5692704404085b2c955ba6326
-
SHA256
3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93
-
SHA512
925d370579234bbf7066e04fc12be3eeb917b08b6609a4d20048b92241647a59837c0757b3815494119543083ac4e6fc0b3dc59158d9723207b3c68e4e8b0612
-
SSDEEP
1536:W7ZNLpApCZuvIYYoYoN7n97nYosbos67ZNLpApCZuvIYYoYoN7n97nYosbos3:6NLWpCZLYpZiX+NLWpCZLYpZiX3
Score9/10-
Renames multiple (5191) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-