0a6d7161d587a330ce9d4773fd92dd78705dee88519b3a90843b2b8b879e8b0a

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08-05-2024 05:56

Target

ec7d3ce281eefe3372efeb840896bf80_NEIKI.exe
Size

196KB
MD5

ec7d3ce281eefe3372efeb840896bf80
SHA1

d4968407be7b2922f381f3ac5c8612754cbde3de
SHA256

0a6d7161d587a330ce9d4773fd92dd78705dee88519b3a90843b2b8b879e8b0a
SHA512

6b51b9d47bb919f12f2a47d89a7df1f055063a236e0ab74b780ffd8e7883a17aeb466fed2b0a496d91387d47f5c27b0ebb06dad84bddb80fb86c95a190ef48a0
SSDEEP

3072:UMV/O+5Gwgk9qtzl3DpHi5SE1t/bQzd/u/K1kP4VRaNA66j:UMV55Gwgk4U5So/smi1kP4VRID

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2292	ec7d3ce281eefe3372efeb840896bf80_NEIKI.exe
2292	ec7d3ce281eefe3372efeb840896bf80_NEIKI.exe

C:\Users\Admin\AppData\Local\Temp\ec7d3ce281eefe3372efeb840896bf80_NEIKI.exe
"C:\Users\Admin\AppData\Local\Temp\ec7d3ce281eefe3372efeb840896bf80_NEIKI.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2292

memory/2292-0-0x000007FEF51A3000-0x000007FEF51A4000-memory.dmp

Filesize
4KB

Download
memory/2292-1-0x00000000002B0000-0x00000000002E6000-memory.dmp

Filesize
216KB

Download
memory/2292-2-0x000007FEF51A0000-0x000007FEF5B8C000-memory.dmp

Filesize
9.9MB

Download
memory/2292-3-0x000007FEF51A0000-0x000007FEF5B8C000-memory.dmp

Filesize
9.9MB

Download
memory/2292-4-0x000007FEF51A0000-0x000007FEF5B8C000-memory.dmp

Filesize
9.9MB

Download
memory/2292-5-0x000007FEF51A0000-0x000007FEF5B8C000-memory.dmp

Filesize
9.9MB

Download
memory/2292-6-0x000007FEF51A3000-0x000007FEF51A4000-memory.dmp

Filesize
4KB

Download
memory/2292-7-0x000007FEF51A0000-0x000007FEF5B8C000-memory.dmp

Filesize
9.9MB

Download