Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

e61f19a95d...cs.exe

windows7-x64

7

e61f19a95d...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/05/2024, 09:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e61f19a95dd27985fca587db9e556050_NeikiAnalytics.exe

  • Size

    83KB

  • MD5

    e61f19a95dd27985fca587db9e556050

  • SHA1

    1c1f39f6bf6631fac3d6c7eafa772cdb2b46e18f

  • SHA256

    b920d28f10b2451eee404486a74348f70ba33238d87c7b9f60aaf5c8cf7993f9

  • SHA512

    b73dc8f24930887e751aae7c0c1a2da2254b43862e119789e5f41a706ed71bcd250503f60c9845a86f0f6a9a6c4f111c48795d51f94bc7d2d142d62997b5f7a0

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+dK:LJ0TAz6Mte4A+aaZx8EnCGVud

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\e61f19a95dd27985fca587db9e556050_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\e61f19a95dd27985fca587db9e556050_NeikiAnalytics.exe"
    1⤵
      PID:1628

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\rifaien2-86TFQtS2Pg1xTmlw.exe
      Filesize

      83KB

      MD5

      e4df820a9ca2b5429403d44bf6f18710

      SHA1

      0c448e18dd84a44fc5453e7180611efacfe512af

      SHA256

      fa5f4b840a244010b859b043f213b979e8b214c9a64e79080db900ec5635ac22

      SHA512

      7bf7f68e5358057ef284fe9d8efd6c0c60a039d8d7debb069962cecd15e511ee2b43dc11161cc40a7266bdcd0bcca61d0d84bfee1a213a6509360dde1b9e5796

      Download Submit

    • memory/1628-0-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1628-1-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1628-7-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1628-14-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1628-21-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1628-28-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download