702bff158954c20a9d5a431a6fffec76d23a32c589afe4d845beb7abceec5d1c

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08/05/2024, 09:12

Target

3f0d2be502f9825cd6d0a3088b319580_NEIKI.exe
Size

73KB
MD5

3f0d2be502f9825cd6d0a3088b319580
SHA1

61e4616602028896ce05f149e0dc2cbab9ad08a1
SHA256

702bff158954c20a9d5a431a6fffec76d23a32c589afe4d845beb7abceec5d1c
SHA512

0c585e0ee59d7a3b3d8a9def643ae6c2c9b12bdc8ef54b0deecd56213396f9958d414d81b822df0c0f39b61a9d40483917df91a78d6877ddb9d31c54543bdb2c
SSDEEP

1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253u2eH:uF+LCofRLCgxSzXo8CgpIo53u2s

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2352	eapgakoap.exe

Loads dropped DLL 1 IoCs

pid	Process
2904	3f0d2be502f9825cd6d0a3088b319580_NEIKI.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\eapgakoap.exe	3f0d2be502f9825cd6d0a3088b319580_NEIKI.exe
File created	C:\Windows\SysWOW64\eapgakoap.exe	3f0d2be502f9825cd6d0a3088b319580_NEIKI.exe

C:\Users\Admin\AppData\Local\Temp\3f0d2be502f9825cd6d0a3088b319580_NEIKI.exe
"C:\Users\Admin\AppData\Local\Temp\3f0d2be502f9825cd6d0a3088b319580_NEIKI.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:2904
- C:\Windows\SysWOW64\eapgakoap.exe
  "C:\Windows\SysWOW64\eapgakoap.exe"
  2⤵
  - Executes dropped EXE
  PID:2352

\Windows\SysWOW64\eapgakoap.exe

Filesize
70KB

MD5
50f662b80f5565275c052648e849ab33

SHA1
830566afaef58561cad4500d5a68b36a0402a3be

SHA256
f4322e8bba7bded45ae69a949809d2d61c19d56fee3c04b9381f5723e1470f1d

SHA512
ff9548c3b82965c2af61c29ca527ce67ebefa4054746913763305a5839b83a61a1ea3e2a9e5748ca58da3f5ae5f5a7f187ee96fada7752babf6988b096369690

Download Submit
memory/2904-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download