Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

251dd29c92...cs.dll

windows7-x64

7

251dd29c92...cs.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    11/05/2024, 17:58 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    251dd29c9295e8ed609d6ffb4f7c97e0_NeikiAnalytics.dll

  • Size

    1.6MB

  • MD5

    251dd29c9295e8ed609d6ffb4f7c97e0

  • SHA1

    671b1d71df355c0e9e1b14a6fb044fbb1edda459

  • SHA256

    86a120c521052a79c79c8342740d684ad253275d20b5d2907df3325d89fc83a9

  • SHA512

    81190f4facefbc2bc093ca3dfca9d7852fff96d35a8531f5c2d8a6875e9845048257bd058352182239430422a85bf58aa9c9892582b2f2906311cc7014bcc84f

  • SSDEEP

    24576:+b7KFij7y5u4Laq+hlrYqr7OeTYyrNig6XhSAfrkVVWMEXU8b8wOoWFwT:+MijoaPOeTzH6x5oVTEXwwODFwT

Score
7/10
evasion

Malware Config

Signatures

  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\251dd29c9295e8ed609d6ffb4f7c97e0_NeikiAnalytics.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:992
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\251dd29c9295e8ed609d6ffb4f7c97e0_NeikiAnalytics.dll,#1
      2⤵
      • Identifies Wine through registry keys
      • Suspicious use of WriteProcessMemory
      PID:2308
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2308 -s 268
        3⤵
        • Program crash
        PID:2320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.