Overview

overview

7

Static

static

3

ae907a2298...cs.exe

windows7-x64

7

ae907a2298...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    10-05-2024 08:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ae907a229875c63a9f17ae351c3fd890_NeikiAnalytics.exe

  • Size

    512KB

  • MD5

    ae907a229875c63a9f17ae351c3fd890

  • SHA1

    0146809351247b9281f43c18b5bdf68285bc5e74

  • SHA256

    5ab8fbb081078461922ee6b2c6febff9c436095ed91b75feb7d9e34f51fb4f61

  • SHA512

    a797a5e0f2312e095be7e98e2faf9292fd8eb6876fe55ba667ed4dafe51c342e55df0235134f13da02cf726b4b16306fe97e6c756adf7b8858296ee1279bf5b9

  • SSDEEP

    12288:lGTdALWsKTGfHmCyfi0npM4dl0v5Jdm5IpS:lGiiHkmCyfiEM4dmv5Bw

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ae907a229875c63a9f17ae351c3fd890_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ae907a229875c63a9f17ae351c3fd890_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Users\Admin\AppData\Local\Temp\ae907a229875c63a9f17ae351c3fd890_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\ae907a229875c63a9f17ae351c3fd890_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ae907a229875c63a9f17ae351c3fd890_NeikiAnalytics.exe
    Filesize

    512KB

    MD5

    c04fc33dba9ef7499f1970464a9a5ecc

    SHA1

    c55b87fe4a47d499027ef508737a658012fedb2c

    SHA256

    79b1209478ce839ad783ee0f542b86281725fa4ab6acdf692d07d414b0ed2cad

    SHA512

    280ff8aa2a3f47a875824837d8b621446aa61a85bbac942737e5a8675186a0a444c4802bdd6db452be690faa3c72573f72dd23bc6f7d77696447a1157ec0ad92

    Download Submit

  • memory/2440-0-0x0000000000400000-0x000000000043F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2440-6-0x0000000000130000-0x000000000016F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2440-10-0x0000000000400000-0x000000000043F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2612-11-0x0000000000400000-0x000000000043F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2612-12-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2612-17-0x0000000000130000-0x000000000016F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2612-18-0x0000000000400000-0x000000000043F000-memory.dmp

    Filesize

    252KB

    Download