Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
-
submitted
13/06/2024, 03:16
General
-
Target
5a1a91355a41dda64b09d0b5a119f550_NeikiAnalytics.exe
-
Size
808KB
-
MD5
5a1a91355a41dda64b09d0b5a119f550
-
SHA1
e999f795b713933d613b319caac419e92a41cb86
-
SHA256
319c4e645a15ff3e78df885bc7040877e27e00da6e983149a3512ca6b2905607
-
SHA512
b464972c9a743027ebdc9acec78587a36485b67b0ceca49138d3e94d3f7c84210a429883ec4fd2f8fcce36756a4206302d1aa970d27ab97349a01ae1feddd869
-
SSDEEP
12288:vw+WNwkEpCNbMpLh3H9OiETxSGgEL/4sVktkC9KJLZmN1b0b:vwEkE0MhhNOrtS0/4kktkVLZmN14b
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5a1a91355a41dda64b09d0b5a119f550_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\5a1a91355a41dda64b09d0b5a119f550_NeikiAnalytics.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\580F.tmp"C:\Users\Admin\AppData\Local\Temp\580F.tmp"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
808KB
MD5e854c178a51a45e6119ad3bf3605e1c5
SHA1e955867ee043a6fda38916d6404c1792a68a2825
SHA2568058ece8965fa1a365ce83927dd51b8176faee51da384ff89a6e4940a39b26d2
SHA5120d8c6b40f278c2923ac26557e8618a3a7d502c2d01ec2862edcdfe00cf2a33f4b7dacbeb6d063a0bd2642fabbd4354bacd352e959d2e1964ffb1f9a2dbf2db05