Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

278886a4a3...cs.exe

windows7-x64

7

278886a4a3...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 23:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    278886a4a34dcb466869cc0fad855200_NeikiAnalytics.exe

  • Size

    7.8MB

  • MD5

    278886a4a34dcb466869cc0fad855200

  • SHA1

    c44396cc75e485ac59cfabe8eae4fc98b3a883e3

  • SHA256

    10c85f6ceebad92bb239602c0903fa3324daa5dbb61da726aeccf24a9f6ea122

  • SHA512

    dae1ac82602a52d53073abefbaa8d00c6d434e5575cac7dfb39cdbd03d0665cd535af7008b18fcf160f93f6f777c23aa1aec18131819496efa1f7b2b871aeb81

  • SSDEEP

    98304:emhd1UryeSlWa6V8266AH9dX2LfXP+V7wQqZUha5jtSyZIUb:el1a6eFH9dX2Lfm2QbaZtli

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\278886a4a34dcb466869cc0fad855200_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\278886a4a34dcb466869cc0fad855200_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2896
    • C:\Users\Admin\AppData\Local\Temp\95F9.tmp
      "C:\Users\Admin\AppData\Local\Temp\95F9.tmp" --splashC:\Users\Admin\AppData\Local\Temp\278886a4a34dcb466869cc0fad855200_NeikiAnalytics.exe 9A99C1671E8107C0806D44ED96396842BE56F52AD18ADD093D1659F9342873B65469B3A27CF86373A09A5AA079F0C875856F7174F146A01872D606B88E4DA80A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\95F9.tmp
    Filesize

    7.8MB

    MD5

    4897779471a2065bb01731de0130bbab

    SHA1

    d8ff670eaa4ae41b15cf6cf649024ea6d1e56669

    SHA256

    15b8bc31be88e1207c94dc4ddfb692cca27a402bde4f35214c79d555f6f68fba

    SHA512

    9ca12a0e486b836f9bb641ae3c864cf746eab2428259e5375f0253e766a69727a75147004f040d7a80f95d0c2e2e85b56b32a51822e0f700716af85b9d057dca

    Download Submit

  • memory/2224-9-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2896-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download