Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

21e4028724...cs.exe

windows7-x64

7

21e4028724...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/05/2024, 08:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21e402872458488df63a4b9e5365288c4c9c11fb873c92c5058cfd35c24917f7_NeikiAnalytics.exe

  • Size

    83KB

  • MD5

    cb87c03e6e77fcf4f512f2f2b33511f0

  • SHA1

    37970bf0d77e1ed80b3bed241de33a012bd473c5

  • SHA256

    21e402872458488df63a4b9e5365288c4c9c11fb873c92c5058cfd35c24917f7

  • SHA512

    f3e4399668eab22ff42b4f29a5468c3931baf7ae223d28c86678f861b662d5b506eb94434a0c935a696929bc1e49870d21ca0ac2079cd3a1e50eac5680427d42

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+xK:LJ0TAz6Mte4A+aaZx8EnCGVux

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\21e402872458488df63a4b9e5365288c4c9c11fb873c92c5058cfd35c24917f7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\21e402872458488df63a4b9e5365288c4c9c11fb873c92c5058cfd35c24917f7_NeikiAnalytics.exe"
    1⤵
      PID:208

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\rifaien2-E1WrwHoHyCqva5y6.exe
      Filesize

      83KB

      MD5

      8905e175113a598a5b4a22be97b75ca2

      SHA1

      5e84be31a4bc39740d7242e2a6d11f6b95c3eac3

      SHA256

      5883387210c1351ce089e74c056d8d89a661a7e5403baf94749f356840a22ca4

      SHA512

      f43070fdd2b7b326720ef17c915acfc332a67854e336affbd140a7619593678726f08a5de4c0539feeebde8a46749201609ba301bd2c70ca310484bc152c68c8

      Download Submit

    • memory/208-0-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/208-1-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/208-7-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/208-14-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/208-21-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/208-29-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download