Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/05/2024, 04:19

General

  • Target

    3d598de223d22faad0c6f04834d50ab0_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    3d598de223d22faad0c6f04834d50ab0

  • SHA1

    9e7843b96e531f78bcdc84acb912734416b30405

  • SHA256

    1187b20e9eaead243a92dae1c48b9cfcbd3d18f12f8046a2b2f96db515e9220c

  • SHA512

    cb403dfebd10c6e672d226c6bdcad06e340fdccdf5c142af84f5479694ddd0a726e265f1e752989239db0687e713f7c94a5b21223e24b380ef3b9c87952dce45

  • SSDEEP

    1536:zvpoooXM5F0qfhj2ipNOQA8AkqUhMb2nuy5wgIP0CSJ+5yEB8GMGlZ5G:zvpoooE062VGdqU7uy5w9WMyEN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d598de223d22faad0c6f04834d50ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3d598de223d22faad0c6f04834d50ab0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2012

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    2699fc0d86af9d4176e51bae2659597f

    SHA1

    c5989a3f76d609576c41900426d975686a7a01be

    SHA256

    58f4783e62d4e55458ab271a970044490c13c44f9bd39860daf2bc0d550ba94f

    SHA512

    7bd857be815e01a70c42f122df505b604de8981004818834897a935f15a3b9d469c3debe849424465e7aa5bbf36d5a4d294ac9c097a890de770479000e1b149b

  • memory/2012-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/3228-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB