Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

468952c7c4...cs.exe

windows7-x64

7

468952c7c4...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    01/06/2024, 10:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    468952c7c4cc9d919455f6dd237823c0_NeikiAnalytics.exe

  • Size

    5.4MB

  • MD5

    468952c7c4cc9d919455f6dd237823c0

  • SHA1

    f27106f0c59fba56847446cde9919d12e32f7a79

  • SHA256

    c520f3a32d4f6e82ae61d8168c4a52d13735af74c3bae0604604eee8c640b79b

  • SHA512

    ecceafbc5a4623f3f26b1b8a0bf10945eab2c2cb06884e52a2faf9970ebfa63a28bb4d8c0bb13ddefceae1dcc7179622bb479bdbef90f99eb0d6558bcfe94cc2

  • SSDEEP

    98304:emhd1UryeHFrkJ10P5nb1VR89nV7wQqZUha5jtSyZIUh:elnFra6BjE2QbaZtliU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\468952c7c4cc9d919455f6dd237823c0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\468952c7c4cc9d919455f6dd237823c0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1872
    • C:\Users\Admin\AppData\Local\Temp\1822.tmp
      "C:\Users\Admin\AppData\Local\Temp\1822.tmp" --splashC:\Users\Admin\AppData\Local\Temp\468952c7c4cc9d919455f6dd237823c0_NeikiAnalytics.exe F564C114C13558D9891A3DA3BDD0691237C9B84B1961CD9972653D332F4DCE38BBE5DCBFE02247C5C51A99D573D9A813A1B18C9E542BBFC31128D62797AAC1EA
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1822.tmp
    Filesize

    5.4MB

    MD5

    6d7d632276b5cfb179e2719d68bd279d

    SHA1

    2617bdebe148bb1cde789dca3770c684dc039efe

    SHA256

    5e4435645aefc60eabd36d383d7e9966b1b93bc122d603893d382990d21de382

    SHA512

    e0e7314f7f95b68491db1d4be9e09ba5c349c00ab091c6cbe78196442ea413c55b87f16688db7cfc9f6bbfac68732e023168483d974ef006b54c09964b07fd3c

    Download Submit

  • memory/1872-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/1960-9-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download