Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

3fdd7c879c...cs.exe

windows7-x64

1

3fdd7c879c...cs.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    12/06/2024, 13:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe

  • Size

    350KB

  • MD5

    3fdd7c879cd00e59dc9824cfb23b6bf0

  • SHA1

    aef789b41a74957edd0c3ea04ca3f23bdbcaac78

  • SHA256

    f2e3b9adb68523707eafe0f92a2dab8f5f4a00a6083c9cbb1377d4a4957f1db1

  • SHA512

    1fc39ceb8bdda455f53c21790752a4169e0bb99b7eaf977155d0799de00dfe3152915291f6d90b6ad2168f5539fbdabd5e811dfe01b35a2575ab4bbbec9e31e1

  • SSDEEP

    6144:lcMjxjSvIHuT0yZbvut3aCxUGSmJ7ylTN2DewyY9egLRqPAh7m57e:lZjxBe0Mru0qos6wZqPm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1344

Network

  • flag-us
    DNS
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    Remote address:
    8.8.8.8:53
    Request
    5oss.oss-cn-hangzhou.aliyuncs.com
    IN A
    Response
    5oss.oss-cn-hangzhou.aliyuncs.com
    IN A
    121.199.204.180
  • 121.199.204.180:443
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    152 B
     3
  • 121.199.204.180:443
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    152 B
     3
  • 121.199.204.180:443
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    152 B
     3
  • 121.199.204.180:443
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    152 B
     3
  • 121.199.204.180:443
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    152 B
     3
  • 121.199.204.180:443
    5oss.oss-cn-hangzhou.aliyuncs.com
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    152 B
     3
  • 8.8.8.8:53
    5oss.oss-cn-hangzhou.aliyuncs.com
    dns
    3fdd7c879cd00e59dc9824cfb23b6bf0_NeikiAnalytics.exe
    79 B
     95 B
     1
    1

    DNS Request

    5oss.oss-cn-hangzhou.aliyuncs.com

    DNS Response

    121.199.204.180

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1344-0-0x0000000000360000-0x000000000036A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1344-1-0x000007FEF7D80000-0x000007FEF7D90000-memory.dmp

    Filesize

    64KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.