Overview

overview

7

Static

static

3

bfe0b77a44...cs.exe

windows7-x64

7

bfe0b77a44...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 10:11 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bfe0b77a44de4bad21c25f744eac5370_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    bfe0b77a44de4bad21c25f744eac5370

  • SHA1

    9627a3c75425226d03183675553b087170814968

  • SHA256

    e17a44fb53ce14974fd699211f5e96d6064589e7ab462a30d567050bf0ca03f4

  • SHA512

    01eb8536c801326a0ab30fd29dac210e4b276ceaadea6a102fd0571b92997e6068f53195844f14c3b7e922a249b515cec367765e1988304189c2f9b2e9cbdf2a

  • SSDEEP

    1536:zvAGxcVqjZf0T78OQA8AkqUhMb2nuy5wgIP0CSJ+5yCB8GMGlZ5G:zvAGGIfO9GdqU7uy5w9WMyCN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bfe0b77a44de4bad21c25f744eac5370_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\bfe0b77a44de4bad21c25f744eac5370_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c $TMP!10@.COM
      2⤵
      • Loads dropped DLL
      • Suspicious use of WriteProcessMemory
      PID:2568
      • C:\Users\Admin\AppData\Local\Temp\$TMP!10@.COM
        $TMP!10@.COM
        3⤵
        • Executes dropped EXE
        PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\$TMP!10@.COM
    Filesize

    79KB

    MD5

    8467b04226385eb1531871552dcb539c

    SHA1

    651ca4279e5021623806438633b1d2072325b49c

    SHA256

    ce5237f1a539c54240e3ca9c9d873743475915a488228259eee2b4237468ecf8

    SHA512

    b7787dfb30d840da9caeb66775bdab2258776680c7295310cd890fac1a6aacc04095272d54bdd85809eb89f71e8c993dc288e530e46f8e7e42570dbc38e47523

    Download Submit

  • memory/2400-8-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/3024-7-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.