Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f3ee763ffd...cs.exe

windows7-x64

7

f3ee763ffd...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/05/2024, 20:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f3ee763ffdf5f271a6e13e3c3e01e940_NeikiAnalytics.exe

  • Size

    74KB

  • MD5

    f3ee763ffdf5f271a6e13e3c3e01e940

  • SHA1

    e74d0b649d9c4812daf98515f6230715d9337abf

  • SHA256

    ecada2cb10a8847e7952d776f2cca5ac7cf61dd03f992c6992edc0029a8b82b9

  • SHA512

    fea5f9facca2448337e9a33e202d56b8bf5a4164256f39c6cd1b9822f3c4c30a27d741a5286cce4708eb5705f2998c9c6ddc0673e4f465d00bfbdaebd8032eb6

  • SSDEEP

    1536:1P8KE3UknVTVpXd4Q2x6H5eCU8hh/Q/0ATiPGQQPWTl4:ep37VTV5d4Q2xpIhhTA5feR4

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f3ee763ffdf5f271a6e13e3c3e01e940_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\f3ee763ffdf5f271a6e13e3c3e01e940_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:4352
    • C:\Windows\SysWOW64\uvnareaf-eaxeab.exe
      "C:\Windows\SysWOW64\uvnareaf-eaxeab.exe"
      2⤵
      • Executes dropped EXE
      PID:2956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\uvnareaf-eaxeab.exe
    Filesize

    71KB

    MD5

    df5c1977b48b4d8b66081cd246ec70ab

    SHA1

    dd558c6b1f8adfe72aa553d2b85e081a009b0daa

    SHA256

    ebaa8633e2d5bcf1a296033721b45c84cf2aae396ee63a51427a888fccd7c79f

    SHA512

    e2a2947d8b553e923b04a07c50b333328a7b2c376c1bbe4cbef2dea61a4837801cc4c6ae90e6a1f67abdbce408a587cd650dc8e0686f0b82476efc03a56e941c

    Download Submit

  • memory/4352-3-0x0000000077162000-0x0000000077163000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4352-4-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download