89641fb7035b0fddd8b1a7480b48797f2f3f5e010c30a98349453ed8bfcffe6a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

a18c523c15...cs.exe

windows7-x64

a18c523c15...cs.exe

windows10-2004-x64

Sharing

General

Target

a18c523c15c4c082eb21a8391ce43d10_NeikiAnalytics.exe
Size

41KB
Sample

240603-nest3sce7t
MD5

a18c523c15c4c082eb21a8391ce43d10
SHA1

e17339996daf0f7a89a1878897087ad65925184f
SHA256

89641fb7035b0fddd8b1a7480b48797f2f3f5e010c30a98349453ed8bfcffe6a
SHA512

a83cf03705c7e069f81b0b74be43d7f5dd24839cb24d12e3b48cc5e0321fb2fc904a47f9f72f6bc80df34844a7f1ce1ccc7e93c73f9ee2b0e49ac2f9bfa0eafe
SSDEEP

384:XqnuO1JCHYdHz4XpfHEI6/dDEPjaVC6fMbUyFm0tyXLBI89wvuAv1mwnA3Z3BXRC:Xqnum1F6/789ujYTyLylze70wi3BEma

Score

10^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a18c523c15c4c082eb21a8391ce43d10_NeikiAnalytics.exe

Resource

win7-20240221-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a18c523c15c4c082eb21a8391ce43d10_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  a18c523c15c4c082eb21a8391ce43d10_NeikiAnalytics.exe
- Size
  
  41KB
- MD5
  
  a18c523c15c4c082eb21a8391ce43d10
- SHA1
  
  e17339996daf0f7a89a1878897087ad65925184f
- SHA256
  
  89641fb7035b0fddd8b1a7480b48797f2f3f5e010c30a98349453ed8bfcffe6a
- SHA512
  
  a83cf03705c7e069f81b0b74be43d7f5dd24839cb24d12e3b48cc5e0321fb2fc904a47f9f72f6bc80df34844a7f1ce1ccc7e93c73f9ee2b0e49ac2f9bfa0eafe
- SSDEEP
  
  384:XqnuO1JCHYdHz4XpfHEI6/dDEPjaVC6fMbUyFm0tyXLBI89wvuAv1mwnA3Z3BXRC:Xqnum1F6/789ujYTyLylze70wi3BEma
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy