Analysis

  • max time kernel
    15s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/05/2024, 20:09

Errors

Reason
Machine shutdown

General

  • Target

    1e568f27b476f44968a69da09a28c0f0_NEIKI.exe

  • Size

    306KB

  • MD5

    1e568f27b476f44968a69da09a28c0f0

  • SHA1

    0548fad9cb7d4d1b8afb6b91e37f5370a0d759ee

  • SHA256

    dc72f876e1ca1638c9e1655c8447b698cc7baab5feaebc0d1d86d3ea9c6f494a

  • SHA512

    58fcbee87abeb1c47b571d1b70336d4a8d435b525abbaff1a3ec815399a77ab318007141d4105124580aa7fa6974e5855620ba7cd5b0f28e4f865f271f08c4f5

  • SSDEEP

    6144:61Pbwc2BVX/fGhQ/jyMtRrEHUmU54q0px9YuJ2i1yRV:0bwvDfGhQWM/OU541x9YuJ24W

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1e568f27b476f44968a69da09a28c0f0_NEIKI.exe
    "C:\Users\Admin\AppData\Local\Temp\1e568f27b476f44968a69da09a28c0f0_NEIKI.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2064
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x0
    1⤵
    PID:2572
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x1
    1⤵
    PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Downloads

  • memory/2440-2-0x0000000002AB0000-0x0000000002AB1000-memory.dmp
    Filesize
    4KB
  • memory/2572-1-0x0000000002D90000-0x0000000002D91000-memory.dmp
    Filesize
    4KB