91923805dc817c65f79b1041ed3f3ec674bc6ec084621e521baea8868749cb51 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8c9de6d509...KI.exe

windows7-x64

7

8c9de6d509...KI.exe

windows10-2004-x64

7

Sharing

General

Target

8c9de6d509797fb7ee0d586969db6270_NEIKI
Size

60KB
Sample

240508-nrfehsda79
MD5

8c9de6d509797fb7ee0d586969db6270
SHA1

bb86c5c02d0139ae93ec6e4c0c8e16a15aae188e
SHA256

91923805dc817c65f79b1041ed3f3ec674bc6ec084621e521baea8868749cb51
SHA512

57625f6d9bf7ddbf015a8001da89e0b5cfceb548a46841523a5e650953bbacf7bdd097db6b64d676f693a4ac9d8b674a5275a50324208a02c08044d86038196f
SSDEEP

768:ahZyc5B97Dpnb6vfNtSTucPGFTxRijy6A6cb5D7dXWj2deFPyp+d+R9Zx:ahZJF7NYtSTuuQTzijy6Ne5D7hqjFyh

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8c9de6d509797fb7ee0d586969db6270_NEIKI.exe

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c9de6d509797fb7ee0d586969db6270_NEIKI.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  8c9de6d509797fb7ee0d586969db6270_NEIKI
- Size
  
  60KB
- MD5
  
  8c9de6d509797fb7ee0d586969db6270
- SHA1
  
  bb86c5c02d0139ae93ec6e4c0c8e16a15aae188e
- SHA256
  
  91923805dc817c65f79b1041ed3f3ec674bc6ec084621e521baea8868749cb51
- SHA512
  
  57625f6d9bf7ddbf015a8001da89e0b5cfceb548a46841523a5e650953bbacf7bdd097db6b64d676f693a4ac9d8b674a5275a50324208a02c08044d86038196f
- SSDEEP
  
  768:ahZyc5B97Dpnb6vfNtSTucPGFTxRijy6A6cb5D7dXWj2deFPyp+d+R9Zx:ahZJF7NYtSTuuQTzijy6Ne5D7hqjFyh
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy