Overview

overview

7

Static

static

3

314d82ac5e...cs.exe

windows7-x64

7

314d82ac5e...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    165s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/05/2024, 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    314d82ac5e4708d058c350d1cdbc3f80_NeikiAnalytics.exe

  • Size

    163KB

  • MD5

    314d82ac5e4708d058c350d1cdbc3f80

  • SHA1

    b82a9719c9c9fc34a89f7d47c308b5a9fe25f696

  • SHA256

    37b49e3e6b07006c70d9f48bb59d9003c0b4cb6d86f6ad7e1959776c43279a9a

  • SHA512

    96cc30a9240402ec03371c377d684cbd0c7a92d5c90f6f2bd90848896fd3e1547fd7889c4d226ab489de828770351a4fda9d115032b14b5a149522d7b0b944bf

  • SSDEEP

    1536:h13ucMq8rQQCmYPq/xZBhF4QpvlyWj199PiMK:Xucx81CmYPqjF4KvlrjUMK

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\314d82ac5e4708d058c350d1cdbc3f80_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\314d82ac5e4708d058c350d1cdbc3f80_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:1072
    • C:\Windows\SysWOW64\obvipof.exe
      "C:\Windows\SysWOW64\obvipof.exe"
      2⤵
      • Executes dropped EXE
      PID:4280
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1732 --field-trial-handle=2180,i,12780723798465539942,12010519452607841069,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:1972

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Windows\SysWOW64\obvipof.exe
      Filesize

      160KB

      MD5

      9153ae82d74fecf624fe7aac753f96df

      SHA1

      47ab6ea936fdf56d559bd8d44ba6041394e3fe8d

      SHA256

      503630f5c6ecc6d54ddb14226dc74d98c14bc300ce1c64bd761f62466b1af8cb

      SHA512

      d55f8821d1908f41de79146611d01ff78857e7c7bc0a1badcec104301a2afe63fa19f51c874404c0feef25255eef88ac206b84ac784f5baaa5c9d10e46a84018

      Download Submit

    • memory/1072-0-0x0000000077CF2000-0x0000000077CF3000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1072-5-0x0000000000400000-0x0000000000403000-memory.dmp

      Filesize

      12KB

      Download

    • memory/4280-4-0x0000000000400000-0x0000000000428000-memory.dmp

      Filesize

      160KB

      Download