Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

6bced3b7ed...cs.exe

windows7-x64

10

6bced3b7ed...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6bced3b7ed1c2c616909a7480acd5dc0_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240613-j24gwazhld

  • MD5

    6bced3b7ed1c2c616909a7480acd5dc0

  • SHA1

    e40fb455ee3aafaf2d90348436a231f8e84f4827

  • SHA256

    9aa7f955b6b5e347dc01eb30834eb95cde00b44ae37c55953e25707903b5313b

  • SHA512

    68e5cf54a098e4e6730abfb3305a78078fab5ce060e2b5b6bc6f6a6d9d1c9e27845aadc21cf92cce518d242196936fc38204d9d13827256a748bec6167e88464

  • SSDEEP

    98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWD:7bBeSFk3

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      6bced3b7ed1c2c616909a7480acd5dc0_NeikiAnalytics.exe

    • Size

      3.0MB

    • MD5

      6bced3b7ed1c2c616909a7480acd5dc0

    • SHA1

      e40fb455ee3aafaf2d90348436a231f8e84f4827

    • SHA256

      9aa7f955b6b5e347dc01eb30834eb95cde00b44ae37c55953e25707903b5313b

    • SHA512

      68e5cf54a098e4e6730abfb3305a78078fab5ce060e2b5b6bc6f6a6d9d1c9e27845aadc21cf92cce518d242196936fc38204d9d13827256a748bec6167e88464

    • SSDEEP

      98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWD:7bBeSFk3

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks