General

  • Target

    48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e_NeikiAnalytics.exe

  • Size

    123KB

  • Sample

    240701-lwgf9syamq

  • MD5

    fdad1f717c696a3128b4ce0aa1fa4f20

  • SHA1

    47a6775ae10382a0097a472cc07765c4bc6667ea

  • SHA256

    48a7d4e69970e81689045652470499356208da816d70c17bdc85d45b7f7b586e

  • SHA512

    8041b038f266b4505c0cdd229024afcc577a8374b6252857ec42cc3492273e89796ca2efa6a63fa29e28832a825fbf7eb979933c8b59d227174a6b48af5a7168

  • SSDEEP

    768:/7BlpQpARFbhWGLF/MF/LEXBwzEXBwR7BlpQpARFbhWGLF/MF/LEXBwzEXBwTTgS:/7ZQpApP2B7ZQpApP2DUS

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4736) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
