Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

6915525b5d...cs.exe

windows7-x64

7

6915525b5d...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/05/2024, 00:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6915525b5df7bf26cff780bc0e53fe20_NeikiAnalytics.exe

  • Size

    73KB

  • MD5

    6915525b5df7bf26cff780bc0e53fe20

  • SHA1

    7fcabf5af0e18918674240b0954eb474c62867d8

  • SHA256

    14c67b2fff744dbb8b4d6a9084a0d05cd6bb0d7ab15308156ea6c1f7a8ac643c

  • SHA512

    e90cf24e567aed7a90c412b67ffaeb4ac4f2169a7cdaae9c1226c6018e78f2a71b89a8c069882202a9727e269738fe10c171133f4b33046ef9125e3e6752d5ed

  • SSDEEP

    1536:1K7ylw2jlA6WBRCJKObnTNBbJ6I4WMJvdDlQDhI5erKT3F5U:c7H6rbTNSImvplQVIQ06

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6915525b5df7bf26cff780bc0e53fe20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\6915525b5df7bf26cff780bc0e53fe20_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:2536
    • C:\Windows\SysWOW64\asdoafoam-ocoas.exe
      "C:\Windows\SysWOW64\asdoafoam-ocoas.exe"
      2⤵
      • Executes dropped EXE
      PID:4656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\asdoafoam-ocoas.exe
    Filesize

    70KB

    MD5

    abd7eb6ddaa3348c06de81f08852c92d

    SHA1

    f882fe868d02b649059571cf15759d8fc8ba8cb4

    SHA256

    a2c951f7821554a08c961ef9a2cbab0ac60088b13857e975ce22c7d06dff7a81

    SHA512

    8550c4915192bad9d0d90455526e5dc52e19d81589b3d7a27967112e85982091ad7ee7c4ef363028fc16f3446beb0b14ab8d97262c9334cb24f814794e3feb4d

    Download Submit

  • memory/2536-3-0x0000000077342000-0x0000000077343000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2536-4-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download