Analysis
-
max time kernel
131s -
max time network
100s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
08/05/2024, 09:49
General
-
Target
51fccb43adbf1af2720764f0452081f0_NEIKI.exe
-
Size
421KB
-
MD5
51fccb43adbf1af2720764f0452081f0
-
SHA1
9f4a64f9c428bceed2816773a44254f11b003402
-
SHA256
4a62596406bb7fa8e02d0a98e8791202e445a169f38f6808d7b6a82031fb7d1c
-
SHA512
677dd78c883e1e6ffb88c419f3a73a4b7f3e7368bb7a02c765e0eb57e084b8f68c35ae1dc1042911e9194294caed3a85388a6bdeaf96caaab687dc18a651bc60
-
SSDEEP
12288:Gi/pW2GQponR4INaTucBvqw51KNN3ZVnffrcM:GiM2GKonbNiDBvqw51KNZjnffrcM
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\51fccb43adbf1af2720764f0452081f0_NEIKI.exe"C:\Users\Admin\AppData\Local\Temp\51fccb43adbf1af2720764f0452081f0_NEIKI.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3A88.tmp"C:\Users\Admin\AppData\Local\Temp\3A88.tmp" --pingC:\Users\Admin\AppData\Local\Temp\51fccb43adbf1af2720764f0452081f0_NEIKI.exe BB2AF57C06532158A0C941A4102497BE333382843C4D75B4D1F610D2072E3DD84062ECCAE4525C996BECC2035E45EE29EEC672240B2440ADECD53AF1564AA6F52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
421KB
MD5197055109e98b066cfd71c682f81b3fd
SHA1242ea10f3925c62ea7ae12c9c2f042c7dfd046f5
SHA256a2c9247da0d2ffae35f812f211e3c90193b68641b9ed5a6d9aa6548f0ed12e41
SHA51258fc8315ec89a762537abc81d6ab4e298178e3b34f98882615492b7a0a20021e69218b0cada8f4c83c845ae46feffee35dc054754f6a9fff9aad92faf8419cf0