f86cc0bf7448f3e37f259beb5ba77e82f6b1a835a3dbc1183eb2649e726cd6b0

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08-05-2024 10:45

Target

6be45d8c67af099155a311ccaf3f39c0_NEIKI.exe
Size

73KB
MD5

6be45d8c67af099155a311ccaf3f39c0
SHA1

19e0ca723936adb5493e78a889fb9446b6e02e66
SHA256

f86cc0bf7448f3e37f259beb5ba77e82f6b1a835a3dbc1183eb2649e726cd6b0
SHA512

f5ad23f302e5335c83f5da7337efa0b6bfcb59ee15f17ffd5d8353ce54a2708dec1724fb9d5b781a0b9eb0f7ccef6b0483d079e8eeeee169b596089d775dbf9e
SSDEEP

1536:1PME0nJHEleopj5g2X+UuxCQT+fByvWmRjNvNHKIQwoF:xeKn95d+RCQmByH9NJq

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2964	ouggeamen-eaxooc.exe

Loads dropped DLL 1 IoCs

pid	Process
1888	6be45d8c67af099155a311ccaf3f39c0_NEIKI.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\ouggeamen-eaxooc.exe	6be45d8c67af099155a311ccaf3f39c0_NEIKI.exe
File created	C:\Windows\SysWOW64\ouggeamen-eaxooc.exe	6be45d8c67af099155a311ccaf3f39c0_NEIKI.exe

C:\Users\Admin\AppData\Local\Temp\6be45d8c67af099155a311ccaf3f39c0_NEIKI.exe
"C:\Users\Admin\AppData\Local\Temp\6be45d8c67af099155a311ccaf3f39c0_NEIKI.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:1888
- C:\Windows\SysWOW64\ouggeamen-eaxooc.exe
  "C:\Windows\SysWOW64\ouggeamen-eaxooc.exe"
  2⤵
  - Executes dropped EXE
  PID:2964

\Windows\SysWOW64\ouggeamen-eaxooc.exe

Filesize
70KB

MD5
1da4a32fe04c1e6d0758672c29d0a397

SHA1
9f930a13b8f490b4de6e5481491f8b07ab2fc464

SHA256
712ffb93479447cdbc0fa293145493102b422660b68bba8ffefc576be22ca94d

SHA512
9fb40fac91d84826ad4034747a1c03748cb0b94bd0c8575883633ebb29c8baaee5b91967fc3823a652af328f3be7c2d1beed85c0b069f919a02c409deaf08545

Download Submit
memory/1888-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download