Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    10-05-2024 11:46

General

  • Target

    d6316aed11355d79b27b2cb465e38190_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    d6316aed11355d79b27b2cb465e38190

  • SHA1

    addd62bff1c97a4a354789e44286c9db386f72d5

  • SHA256

    a9b1a61837a00fb89d6fca1f54ac163c0eb3a9ecb70368b7bd1c5af51bdba98c

  • SHA512

    0ae93f82baa754817150106f5dbf8123ff4684716634093ecfd32aff18aa9499160487ec1311bee2b020df172ee64512591622603cd1c2d3eeeb5f6a133eab7f

  • SSDEEP

    1536:zvANfA7voIfaFOQA8AkqUhMb2nuy5wgIP0CSJ+5yCB8GMGlZ5G:zvANfvi9GdqU7uy5w9WMyCN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d6316aed11355d79b27b2cb465e38190_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\d6316aed11355d79b27b2cb465e38190_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4380

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    b1a3a9fae907e27bf8df6bff9e2f5975

    SHA1

    4df4f0909a15b78a5af49590bfc357210fd22a28

    SHA256

    a5013bc93ba28558b0ec4c2192d610cc4fc4b76a8a05e39d685c36a6a0562275

    SHA512

    2a06db1bacb91537cf3a4b5f3e95e8d620280972b16655f1c0b9083883f26ac0b918fead0f30eb0d41b1fd0c8a0a30f4e25f123f0f19e5b8942190c087a59728

  • memory/996-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/4380-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB