Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

07bab5b77c...cs.exe

windows7-x64

7

07bab5b77c...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    16/06/2024, 20:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    07bab5b77c08d7588f6cd5731bc5d650_NeikiAnalytics.exe

  • Size

    3.2MB

  • MD5

    07bab5b77c08d7588f6cd5731bc5d650

  • SHA1

    4a8b2bfa008798dd68e27153ea8653d5886084e8

  • SHA256

    68561839e5f7b35a637ec4eba89cf19d63040d99ea15fc96be625f1ed4311320

  • SHA512

    e68597b0a1b658e4f362f1beba2b0712c21ce34f0f904db8f854866906b0cbc12a6cf951c6accceea0e50b49bf1a0b23d3c3c99d5c38ff703043dbfbcadd3189

  • SSDEEP

    98304:FgwiBKVKRGq1lMRXXslGjDEcBzFUxaGVrIuSk:FW2Y6RuGvVF6rIuSk

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\07bab5b77c08d7588f6cd5731bc5d650_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\07bab5b77c08d7588f6cd5731bc5d650_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\GLI20AF.tmp
    Filesize

    187B

    MD5

    85d8a290302673727771b230bd2f21d2

    SHA1

    930b14352b3a6b8157a9b0a4d3a601831fc313ff

    SHA256

    c59eb3eabf2ea1c8dc8242c063ab5882dab4f5a599821733790d5c247d34aa4b

    SHA512

    35afbf05b6ca4675c0c2e96721245c249f29278e2a6747b42a5f69e784cc5e8d1b4ead20d33fbdf41c405ce8e67904277a3c39d853a4da267e060be0fbb7cf36

    Download Submit

  • \Users\Admin\AppData\Local\Temp\GLC14D8.tmp
    Filesize

    155KB

    MD5

    f2340a00438cc990fee6dda07caf9499

    SHA1

    3e4112beb0597e0119fe33ea7bf97fbc83a713ab

    SHA256

    4efbe3c16f83ee79aaba6eff338e5d4fc8f06449f9df89cacec92c7af2629f42

    SHA512

    c92e2030f7fbd97dfc4084e2beb24198b793fcf3645c1e72db736ccb8a1daaff90597f286f1e2109a40aea7823719ed883db49bbae1a2320de451077ecbdc049

    Download Submit