Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

114a5764ef...cs.exe

windows7-x64

10

114a5764ef...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    114a5764ef69b8a8069360c2e8eea2d0_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240527-x75tsagd46

  • MD5

    114a5764ef69b8a8069360c2e8eea2d0

  • SHA1

    06fe1267e7827704982de59c96192035442ea995

  • SHA256

    bc5e77ddb5d510d98689aece5d4500461141d115d93f4ba459cdf1d33799c8ef

  • SHA512

    8ded1d3c44e13a6b34e398a33f1e5dc3d5b4f92f0c69e49b5ca71c9b8411697a72fa574b8a5816f494099fb45675178ccfc5c7cc11464bc27a72a0585aec7c26

  • SSDEEP

    49152:knw9oUUEEDl37jcqdt3uB3AXqMTwi4/1049:kQUEEI

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      114a5764ef69b8a8069360c2e8eea2d0_NeikiAnalytics.exe

    • Size

      1.9MB

    • MD5

      114a5764ef69b8a8069360c2e8eea2d0

    • SHA1

      06fe1267e7827704982de59c96192035442ea995

    • SHA256

      bc5e77ddb5d510d98689aece5d4500461141d115d93f4ba459cdf1d33799c8ef

    • SHA512

      8ded1d3c44e13a6b34e398a33f1e5dc3d5b4f92f0c69e49b5ca71c9b8411697a72fa574b8a5816f494099fb45675178ccfc5c7cc11464bc27a72a0585aec7c26

    • SSDEEP

      49152:knw9oUUEEDl37jcqdt3uB3AXqMTwi4/1049:kQUEEI

    Score
    10/10
    xmrigminerupx

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks