aa6e449e6babb1a591f972e51562c9c42b5c396b437ed18e89603f21949f7280

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
08-05-2024 21:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
Size

9.3MB
MD5

6c7181251a07d546f223a9b2c43d5ed0
SHA1

01f9bb5fae32a436e9b5f1c17b545819ad176850
SHA256

aa6e449e6babb1a591f972e51562c9c42b5c396b437ed18e89603f21949f7280
SHA512

f52ec7a2ce25513bfd0a5580939bef30bcec8c262d5c6322d7b2305b5aa1f5e3a401cd267c5fcd2f292770d8806998128643f5b4ebd13398d6aa1b96d35e6d4b
SSDEEP

196608:eKrnlZwqA+1W903eV4QRItpDjIIAcwDIlaUGfSEzRPkv/k9UpIi7:TLllW+eGQRg9jocBGKklX0

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
2788	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2368 wrote to memory of 2788	2368	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe	28
PID 2368 wrote to memory of 2788	2368	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe	28
PID 2368 wrote to memory of 2788	2368	6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe	28

C:\Users\Admin\AppData\Local\Temp\6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
"C:\Users\Admin\AppData\Local\Temp\6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2368
- C:\Users\Admin\AppData\Local\Temp\6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe
  "C:\Users\Admin\AppData\Local\Temp\6c7181251a07d546f223a9b2c43d5ed0_NEIKI.exe"
  2⤵
  - Loads dropped DLL
  PID:2788

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI23682\api-ms-win-core-localization-l1-2-0.dll

Filesize
15KB

MD5
25ea2bbc7aa1133dfb1d63a885be7ff1

SHA1
ff20767b74b2e8cba08c995bd1c8db9bb18794c8

SHA256
90d34fb9de333244dad25750e3eeceddc7dd0894cdcac736d68246b565c5ab2e

SHA512
54e1aae6d8b42492003bb7866cdc6c30b28db72847a82b9eaf3bf7087d12cad458fdb9fad0b19a093ccf0f5e0aaf01cb1763f30a58acc3d32d3e7406ef47f3d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI23682\python312.dll

Filesize
6.6MB

MD5
5c5602cda7ab8418420f223366fff5db

SHA1
52f81ee0aef9b6906f7751fd2bbd4953e3f3b798

SHA256
e7890e38256f04ee0b55ac5276bbf3ac61392c3a3ce150bb5497b709803e17ce

SHA512
51c3b4f29781bb52c137ddb356e1bc5a37f3a25f0ed7d89416b14ed994121f884cb3e40ccdbb211a8989e3bd137b8df8b28e232f98de8f35b03965cfce4b424f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI23682\ucrtbase.dll

Filesize
987KB

MD5
544ce562a67df746b3369bba2601e4e4

SHA1
b8848f9866c9a0cd1898e47b4e4b1c9cb2fa549b

SHA256
a84411763ca7d3d39a87a52b6bd8a1ca59e5ce58805bda1b39d30a50da270ea4

SHA512
dc4fea162ae25ba22286617a68b63f3a556f4be185338f89b0a16da38ebba0407639ac19497ac166de6ca59733121ff9af2af5d407a246c1260ec2a4694795a7

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI23682\api-ms-win-core-file-l1-2-0.dll

Filesize
13KB

MD5
6e738ef1439e9a5ca13bc964595cc34b

SHA1
79dd310be603d1d03a97ef8ad9068df1bb12a1f3

SHA256
337a2a904ac4f2d9db73d8aa5ee025fc86ef217d2cc1c73c03abf4966e063ac5

SHA512
a1016e22b166955dc4bee6b8138734df991a333e43f5589acc59220c1ffa125e10640b1ccc888558489886c7fcbf32bb705d160306aeac9bd7f51c2778b7bb2f

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI23682\api-ms-win-core-file-l2-1-0.dll

Filesize
13KB

MD5
ffbe5664cbd43a85ce323085fa288d91

SHA1
0573cdb668ed0214a01ce750e92461aa7e4d4091

SHA256
adaeb469f8478db38491e76842f624cf71943402da64b438cd957e331ac38496

SHA512
03c7909669387372b1a69215705127843cdea559915eb047856e15a2cb801c16e87f965da67b02a4de3b9ab04aba059f831a11d48b7871ca7f086842fb5bc8c7

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI23682\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
13KB

MD5
f5fa1dd58c5ce4a6006d87a8306e97b5

SHA1
84287c3429ac71e71a936d0c5072d144dd45f290

SHA256
64f0df01e589bcfe3a935e728571f13f5fde3ce047119126ff26a37d86cdc2fa

SHA512
ef10221df2b54b11bc320e6fb9cbf342bd783eb5416ded3fd7bb643bfd04f889f3e7ea33b5e0b1c86d5222807dc46f569f8aa426c39e9f6c4d1553ed54f86094

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI23682\api-ms-win-core-timezone-l1-1-0.dll

Filesize
13KB

MD5
545f4c472958665b25fc032058ecff63

SHA1
0e3c6a78398524c6478f068bec592b6ebbac41d6

SHA256
76dd6964fc1ec23b4ca1bfb0f0b9bb9831dedd238a983d0f07a87c99d50bfe9f

SHA512
06cf60fe7df757dd246adcf502103416a809a23674413ede994c3e1dda7788879519530482e75c63b4c4e4cba7c6ba9a32de35add81344276ab2df8237a4c8bb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads