Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

b817e14ca2...cs.exe

windows7-x64

7

b817e14ca2...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2024, 18:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b817e14ca2a8cbe41141033713670050_NeikiAnalytics.exe

  • Size

    384KB

  • MD5

    b817e14ca2a8cbe41141033713670050

  • SHA1

    a98c7f1d6e287d8a7bd7db911c576fa04f6937f3

  • SHA256

    7d1fe5e4b97675d33d9c3cd0d55c9bfc427b9f46b997025212ab1efdc51facf2

  • SHA512

    7db34baa416d3a376b44f450ded383672843d794229c333ed6e60c6f18723ee5047d8cd28a45eec66c1050059825de33519af540880d74fad82b81172de5a8d4

  • SSDEEP

    12288:Qxi53SPm4A524xKNUCrbcol8zie973wEE:im952NBxGA

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b817e14ca2a8cbe41141033713670050_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b817e14ca2a8cbe41141033713670050_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Users\Admin\AppData\Local\Temp\b817e14ca2a8cbe41141033713670050_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\b817e14ca2a8cbe41141033713670050_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\b817e14ca2a8cbe41141033713670050_NeikiAnalytics.exe
    Filesize

    384KB

    MD5

    5af8a87b39065788878989ba4ae18db6

    SHA1

    d06cdc6f525beaa279c934c06d6559410dd0a46b

    SHA256

    39d9bfe4c91b6811882defbf7e7f204e22d2fb7a7b55d1e0a4145d69fde3e743

    SHA512

    a034dab3a7fef3bfae25114105914d056c4bb73c0ac6001ce1208bf90c9ca03c1483636b97db112de266db76fd2b2c551ad17e46bc2c2aca22a2e886047ab7d9

    Download Submit

  • memory/2328-0-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2328-10-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2328-8-0x00000000001E0000-0x000000000021E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2544-12-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2544-11-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2544-17-0x0000000000190000-0x00000000001CE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2544-18-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download