Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/05/2024, 10:37

General

  • Target

    68194faccfd7dd928384cdb9fe5d3be0_NEIKI.exe

  • Size

    1.0MB

  • MD5

    68194faccfd7dd928384cdb9fe5d3be0

  • SHA1

    52b48aba05b6b876eea2d1fc82f27c6f6ea51a65

  • SHA256

    ec57729999c4cc0df504510124f4878f5b9e1070654a38b19e8a5e5dc7ad8264

  • SHA512

    ec80020e4116afb4e37e5cb6da3e582dc5252fe067b460f0a3ca632feb651fc886c7a44645fd4e6899a644b7a9614f40620e825678ae8f0d05bdece7fd0e84a1

  • SSDEEP

    12288:A5WrwPzeWI4MIJRSyQO4gBj5BMfAbQ84Yc8SwstkOFxqkT6aV0in21Rw:AawPKWFM2RvQOTF5Pcdt9FtT6/82n

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\68194faccfd7dd928384cdb9fe5d3be0_NEIKI.exe
    "C:\Users\Admin\AppData\Local\Temp\68194faccfd7dd928384cdb9fe5d3be0_NEIKI.exe"
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:1732

Network

        MITRE ATT&CK Matrix

        Downloads

        • \Windows\SysWOW64\ESPI11.dll

          Filesize

          120KB

          MD5

          6ded751b628ddb2a1c0c05f18858437c

          SHA1

          d1c98eb12d23975332ce59e17e8e1e3f3ad498fd

          SHA256

          6733977939a17dafb2e100c898fd0948095b6b33e8362aebe57ef7ea87db58ab

          SHA512

          554facab0a0d4b75504b0e3f9f8eda4ed0808e5397a214f3bf0c282542dfc2024c449b03c1aa9c1700307ce72ca88c1414650ec865b6e353b5d70f53aab10710