f30133c3e5ecbd1b64c96105dab2127206e220bc0e0cbda9c68adb1d4a4fd334

Analysis

max time kernel
140s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 21:55

Target

11bddd4845aee9eb6c9f9211a65e1570_NeikiAnalytics.dll
Size

26KB
MD5

11bddd4845aee9eb6c9f9211a65e1570
SHA1

220264cea8d2fda3184869ae303002e4e27372be
SHA256

f30133c3e5ecbd1b64c96105dab2127206e220bc0e0cbda9c68adb1d4a4fd334
SHA512

3acd1784311f7289123a8d4f2f8e076fef7030c6167450aba6bb7aa0bc28032f89e718d8aa753ce71ffac3e1bee660dca2282bbc8588e2d2587bdb91d3595111
SSDEEP

768:V9yOV8moqaWo2IEAOhKm4iLIgM43WW68+oAehCua0SfPuiSYzfzaLTEO:V9yOVzac0zfzoT/

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1356 wrote to memory of 3752	1356	rundll32.exe	82
PID 1356 wrote to memory of 3752	1356	rundll32.exe	82
PID 1356 wrote to memory of 3752	1356	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\11bddd4845aee9eb6c9f9211a65e1570_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1356
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\11bddd4845aee9eb6c9f9211a65e1570_NeikiAnalytics.dll,#1
  2⤵
  PID:3752