Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

1e6d133cf2...cs.dll

windows7-x64

1

1e6d133cf2...cs.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    51s
  • max time network
    55s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/06/2024, 01:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1e6d133cf2f50a64c215806eac12a357cdc0d421c23c4850e2e7aa921e33b51b_NeikiAnalytics.dll

  • Size

    1.7MB

  • MD5

    2ec9d70f447afc437fe0bb5a7368b7d0

  • SHA1

    4570327d0bdf271db55b1e7680d47893b2b3cd75

  • SHA256

    1e6d133cf2f50a64c215806eac12a357cdc0d421c23c4850e2e7aa921e33b51b

  • SHA512

    8dd887e453cf7dca23bca28982efd65962560ea5ae88b68cf5e85ef374407cf790ebba2afdafdf79754a2c15b4edd394c16a5f5c44f5527c3958f7b131b5976c

  • SSDEEP

    24576:CM+6U7fG9WahqI7iqn+dD0OJRZRDIQxheSyn0RzLo2I9998n4ACnaMFwpglfZnAF:K6KM1+PPWwNgUK8oZOR+6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1e6d133cf2f50a64c215806eac12a357cdc0d421c23c4850e2e7aa921e33b51b_NeikiAnalytics.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3860
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1e6d133cf2f50a64c215806eac12a357cdc0d421c23c4850e2e7aa921e33b51b_NeikiAnalytics.dll,#1
      2⤵
        PID:3224

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads