Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

1202acab8b...cs.exe

windows7-x64

7

1202acab8b...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 23:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1202acab8bfb69ad10ed3d3fdc2ed940_NeikiAnalytics.exe

  • Size

    83KB

  • MD5

    1202acab8bfb69ad10ed3d3fdc2ed940

  • SHA1

    9f909c6885e2769a0861cad12771515f3070e28c

  • SHA256

    37d5df2f4be03940ea3d27442559c42469eca48bb3c4642aae507b8abf122aff

  • SHA512

    f3c785838752ae368893a29253cf1e517e7c951b6316943ee47f31356408363bfdb4cfd3c826becc07532f36eb46a80b4918d69e461ff0666db7dad1ce385311

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+pK:LJ0TAz6Mte4A+aaZx8EnCGVup

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\1202acab8bfb69ad10ed3d3fdc2ed940_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1202acab8bfb69ad10ed3d3fdc2ed940_NeikiAnalytics.exe"
    1⤵
      PID:2060

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\rifaien2-AVQVisHkuJTZa6fq.exe
      Filesize

      83KB

      MD5

      7612bf7453da53879fd49a6a4db68cd4

      SHA1

      473ba329bb1af9bbe62cd21b3098c60fa7183f0e

      SHA256

      6b0fe56abcac12b67df537969ae09691768aacd4a42c430864876dd4a8bed847

      SHA512

      823ceff406c1715e738f457992a95bb118f9e98065e2b29ae562ee76d4d6018605a24e049caffb3b87ba4b8cde37ee3f2a4043e9a375fd00deb246b9711a4f1d

      Download Submit

    • memory/2060-0-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2060-1-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2060-7-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2060-14-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2060-21-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2060-28-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download