Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e_NeikiAnalytics.exe
-
Size
123KB
-
Sample
240701-lwgf9syamq
-
MD5
fdad1f717c696a3128b4ce0aa1fa4f20
-
SHA1
47a6775ae10382a0097a472cc07765c4bc6667ea
-
SHA256
48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e
-
SHA512
8041b038f266b4505c0cdd229024afcc577a8374b6252857ec42cc3492273e89796ca2efa6a63fa29e28832a825fbf7eb979933c8b59d227174a6b48af5a7168
-
SSDEEP
768:/7BlpQpARFbhWGLF/MF/LEXBwzEXBwR7BlpQpARFbhWGLF/MF/LEXBwzEXBwTTgS:/7ZQpApP2B7ZQpApP2DUS
Static task
static1
Behavioral task
behavioral1
Sample
48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e_NeikiAnalytics.exe
-
Size
123KB
-
MD5
fdad1f717c696a3128b4ce0aa1fa4f20
-
SHA1
47a6775ae10382a0097a472cc07765c4bc6667ea
-
SHA256
48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e
-
SHA512
8041b038f266b4505c0cdd229024afcc577a8374b6252857ec42cc3492273e89796ca2efa6a63fa29e28832a825fbf7eb979933c8b59d227174a6b48af5a7168
-
SSDEEP
768:/7BlpQpARFbhWGLF/MF/LEXBwzEXBwR7BlpQpARFbhWGLF/MF/LEXBwzEXBwTTgS:/7ZQpApP2B7ZQpApP2DUS
Score9/10-
Renames multiple (4736) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-