Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

9443dc989a...KI.exe

windows7-x64

7

9443dc989a...KI.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    08/05/2024, 23:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9443dc989af2ec2ca01136fa9db63170_NEIKI.exe

  • Size

    943KB

  • MD5

    9443dc989af2ec2ca01136fa9db63170

  • SHA1

    c31ef047834d1cf35070e3b02380268485862e15

  • SHA256

    752d699f3dbf848043e43ea37c86759eb6b9a9b3662fe1df959aa16e2fb7ad17

  • SHA512

    915379c72ec434ea762662aed4bebc7bf7d95a637538ce051e3764a3f184b6b371f6eb7d61a97859a451819a812602b329a43d5c6c602702b5275d28527add4e

  • SSDEEP

    24576:Pa3fzCgIf1TNkreNd94227Vq0ELZmD1VUZmhVixpN:Pa3fzoG0422whZmhiZmhVixpN

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9443dc989af2ec2ca01136fa9db63170_NEIKI.exe
    "C:\Users\Admin\AppData\Local\Temp\9443dc989af2ec2ca01136fa9db63170_NEIKI.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Users\Admin\AppData\Local\Temp\1600.tmp
      "C:\Users\Admin\AppData\Local\Temp\1600.tmp"
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1600.tmp
    Filesize

    943KB

    MD5

    81f8cecfa43887d1d5e8831d2c5726f7

    SHA1

    0fde251a904e697c041ca1f02702e6b0859f4766

    SHA256

    19e269274facb09d4536b1fc109e4a23e84d99419da60d15fdbf723af7548e87

    SHA512

    f076ae58d0ade74b372cadcf2171898ccd1fc42a86df3dd9e7fbfa160145381999a3ae25cc8161a90a1b5eb330138dbe7ec0ae276b18eac47154718fe93068d8

    Download Submit