Analysis
max time kernel: 92s
max time network: 123s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 08/05/2024, 20:18
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: 3a2512e36e8ddd2209f3654eb29ec380_NEIKI.exe
Resource: win10v2004-20240508-en
2 signatures
150 seconds
General
Target: 3a2512e36e8ddd2209f3654eb29ec380_NEIKI.exe
Size: 1.3MB
MD5: 3a2512e36e8ddd2209f3654eb29ec380
SHA1: 6b663895c80bccf4eeb27ec5d93df07de9325739
SHA256: 02b1345a3421c57633ab653b1eb5f036781f5943fee8b465268562f18f3d56ab
SHA512: 3eb53c999f3ab02a330d25cb1f09551892b72a2283c1593b8fa8459d6631f4abbbab1d50c9e9dacb1bef6aae873c00c5fc95b0c1e1e0240545332314f6282b2a
SSDEEP: 12288:C7Z4K9nQ5S6HFaCt5Wgd+gkvMQDabQ82kbj3BmfWBEHN36h/98QPK0t:C7Z4MP6laCt5Wgd+Z0y6n2kPUfWl/9u
Score: 5/10
Malware Config
Signatures
Drops file in System32 directory (1 IoCs)
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
Process: 3a2512e36e8ddd2209f3654eb29ec380_NEIKI.exe

Suspicious use of AdjustPrivilegeToken (1 IoCs)
description: Token: SeTakeOwnershipPrivilege
pid: 1612
Process: 3a2512e36e8ddd2209f3654eb29ec380_NEIKI.exe