Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2e333374f5...cs.exe

windows7-x64

7

2e333374f5...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    136s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/05/2024, 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e333374f57a9b148338e9759d3d2480_NeikiAnalytics.exe

  • Size

    5.4MB

  • MD5

    2e333374f57a9b148338e9759d3d2480

  • SHA1

    e9f0efa14a690f7d67fd35d5af4f3aa496334000

  • SHA256

    78477a4cdb8655f7dec6819cb321e42af88dc4c286261a96965f03e35282c2e2

  • SHA512

    8b0c6a5a7d8034516335a1003e86ff8116a2b9623480c734090b5fb6c23c4d8a2b0473ec3f96a8216f0dd599d22bac6e0b33eaef7b377d75da376a02ab3b91a3

  • SSDEEP

    98304:emhd1UryeOACRBGKz5SuhwKkmUcV7wQqZUha5jtSyZIUh:elHCPgKkmUc2QbaZtliU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e333374f57a9b148338e9759d3d2480_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\2e333374f57a9b148338e9759d3d2480_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:436
    • C:\Users\Admin\AppData\Local\Temp\3BF0.tmp
      "C:\Users\Admin\AppData\Local\Temp\3BF0.tmp" --splashC:\Users\Admin\AppData\Local\Temp\2e333374f57a9b148338e9759d3d2480_NeikiAnalytics.exe 54E8C28D56E3189B5E5A09A986477A7B228329094BD9E10C478A74C0E961DC0048288E0C0B003A447261ED1CB1231E7CBDACC2447F332AB9B65022710CF1FFD0
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\3BF0.tmp
    Filesize

    5.4MB

    MD5

    7dda1a4156900ee9061ff6846b522d5e

    SHA1

    a2d7015974bfb8a53f960a4fcf2f0baa3a6af2b7

    SHA256

    046a6739d801321ffd14974202df24b8300d1ce725f3ebc1d171c76411140d72

    SHA512

    42b2290b9c8a93ccf85f35278f064de92b8a94655128d3bb209aaa0d68cc9a5fb83b780c3d51f45567b20243ac761407675051265a799e312b8bc4710718971c

    Download Submit

  • memory/436-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/1484-5-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download