Overview

overview

8

Static

static

3

d2e04e5faf...KI.exe

windows7-x64

8

d2e04e5faf...KI.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    133s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/05/2024, 04:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2e04e5faf79d6a372ff9ef427e8e2d0_NEIKI.exe

  • Size

    183KB

  • MD5

    d2e04e5faf79d6a372ff9ef427e8e2d0

  • SHA1

    4d89cea0b63ebeb3ff922cabf187edc9a1c615bf

  • SHA256

    182d774de02004cac2d5fd4034b47fb1371ca4cff791d97c86d0473a1b6e1bee

  • SHA512

    ed3beab98640a85415b5cfa8b65ad796a995e2a60034b3e212e89c00676d65b2119819839a98d5aa55e7962685d55d9651640d44cf50433bc090960e80aaa746

  • SSDEEP

    3072:2e+N8sceIO+wq4YuThkFcex8kD4wuitYpI0dZef0+3:2eBe2wsuThkKe81ppIwZef0+3

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\d2e04e5faf79d6a372ff9ef427e8e2d0_NEIKI.exe
    "C:\Users\Admin\AppData\Local\Temp\d2e04e5faf79d6a372ff9ef427e8e2d0_NEIKI.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4632
  • C:\PROGRA~3\Mozilla\fccarae.exe
    C:\PROGRA~3\Mozilla\fccarae.exe -cxdgtgc
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3292

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Mozilla\fccarae.exe
    Filesize

    183KB

    MD5

    5ee022ee063484d718aa917ea98dfb37

    SHA1

    020f396ce40c6a5c2b8157a6d5321c99705c5fc0

    SHA256

    484597d7cf7d12878e87d542488287dc506893807bf12a56c8acf7908b49ff93

    SHA512

    1bcf4cda04f18a99601474a48e326ffd15e3ea82b2734520d4410381716dc7b80cc9d1220ac74b1f84710acb87f29a6c2e0749c2184aa8372be39cf57122314b

    Download Submit

  • memory/3292-10-0x00000000007D0000-0x000000000082B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4632-0-0x0000000000402000-0x0000000000404000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4632-2-0x00000000007D0000-0x000000000082B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4632-8-0x0000000000400000-0x0000000000431000-memory.dmp

    Filesize

    196KB

    Download