Overview

overview

3

Static

static

3

1628e9f095...cs.exe

windows7-x64

1

1628e9f095...cs.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 15:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1628e9f095325132736785dca1996230_NeikiAnalytics.exe

  • Size

    1.7MB

  • MD5

    1628e9f095325132736785dca1996230

  • SHA1

    392821e749ab9dbd238fb4110c48ef67acb0b628

  • SHA256

    cc4e2124c482a542ec8294570f34c3633267b849167ccac27b7eed95d73b98eb

  • SHA512

    8a0768081f3bd1fab93cbc02f780de7c46333126f513f4d87a85519851bd6ac2d95325f7612f1b3738d388cca7e3e24fd0cc7bb750bb565d45818104f8a18197

  • SSDEEP

    24576:t7qi07iMEENz/mRbSSzz0Zr6ESlYBH9v6yaR+sUsnfh1NV2tijEJ:9qi0ONEV/+bSzr6ENBH9UR+ofZktij

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1628e9f095325132736785dca1996230_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1628e9f095325132736785dca1996230_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1240
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.ni.com/rteFinder?dest=lvrte&version=17.0&platform=Win7_32&lang=en
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1868
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1868 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd0a712e78074116213137df37c78701

    SHA1

    ee58bc0d2e2cc327350dd6d1bad375b894bb9ae2

    SHA256

    1a0f0f751e72704860d383194f1952965d98164f12d0bb842b66d7efde06e41e

    SHA512

    8a2f7fff528d6ea5a3eec5b267a7ba5c243c5bf62c3251373b1957ec5bed1818523f8fc0823c7ffea2a06c99db280c8d87095888d566ee956f42b069864b31f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a022f44ee7da080e0cc2b5b49bec66f6

    SHA1

    c28f3409c0bbc7bd0fadf6486aacdccd372d28e1

    SHA256

    3a8fc4481193fa52c5d9c298dc652cf2f3e0df56e4d82c2bfee9b9c6d6775a75

    SHA512

    2d40b83cd144de253cdd1948eed3998003c73c547af45311c7e69b383e5029e971f30012c3a91879184dfd3ebeb58be304199752773907d389105e31876d9526

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c5bc6edb29029fa9107aeb69d85b767

    SHA1

    c2c450a7fb464fed0ca0d46754ee60d909da2ca2

    SHA256

    1f1f9e3027266c85cbfea089440fe8a83dae60235b862e0198dca6769e63dd19

    SHA512

    d02f472aa994f2c67d7a4173a6f45e1c278d8dbccff6456f33b7fddf7ac75004948c5ff99d74fb0bb51312908421ae9658876ee31911216be3b5cf793faac7f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28dc1f66cf69e3543668c7915d1080ac

    SHA1

    bb07800a67991da86f4c5fdeffbbdbf15eaf885a

    SHA256

    9a9bc8154d30ca327c4522360877e845336823256d3480370bd45f7d5b49aee6

    SHA512

    c4a24509b22a8b2e20e8284d15d5e34bcdf30eb1a305f176a5a831f3cf2f24211a448313410b65e1794c5a4827b636e98f71c0063f8cd95a2c6e948613a4123d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b49fc946464677f00e2f05b3687d55bb

    SHA1

    9cec1d82d99912826c781eb0e050a876157f3093

    SHA256

    def7c615f60960f817f9eb5dd330ba08a5ca1c095e7cdf0999746f8bea80efeb

    SHA512

    8080fa68f29b3ad40a7ff7dd6bf834ea9e812f8a9053c8f1396cae39e93fd09c3109b4747b651ca75a29af2c173ab2c9c44d28e2df6bcb6f0cf38da10066e486

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a92a4c2bed7e7dc9345c669b2683231b

    SHA1

    a4df96c22de62183c964d765e8f0849839a96be1

    SHA256

    ae78a772ab10707dba99a11a6b7853686b16398ada4155c1b1245eec590a2b85

    SHA512

    215335dd35790a8def41346dd565fc6e4a1b808b26e4e11f0fda58ffacf632ec80bf583df22f38721b3dd5d4015c6ab3166917fef7936d15f14481a39937e74c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd7496cf4126b9fa508dba5e46b2d537

    SHA1

    4b5653f3a09c44c70177312e9235bfb321bb2773

    SHA256

    c9816df2efeeb924611a47e0a488da3705ea6888eb5b0a36817bb5833f9f69cd

    SHA512

    3dea5f795ed91c7cc4a73d4068c2ee65e8367a16b596dcc90535489f737845358fe6858e5f9063f1f2615ff753cf4f0d725c1720a18569910f2950be9c6f37da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65e366e8d402e65d51d96f95dc8a4a6e

    SHA1

    db904662e6eaa35e5790c66688bcc52f4bdee74a

    SHA256

    4849d63c72725d909e0d65c73a83699b62c65c5f29ec56c35df577c0a5c2a912

    SHA512

    52e87c26fdacdbe1e29352c214140ac5d6dcdcfcc8f3f494c11f5cbd759ba1779cea712bfb025b8bcd0b0f39bb19d83b0a16e81af790d32044a52df5916a85d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1630ff760fb4d4898c857e11e2f1b79f

    SHA1

    731eaed97bfe1827932e05e003b3bc29b91d4bed

    SHA256

    c8034ccee14b8df8d33dbf65962cb4cf6eb3735a680949a5803b8dc63d78b368

    SHA512

    a7f7e32045f2a61c8ec64c0c78225718c4b3d1ed526033bcc6c687111e0ecf032b60fac3a4e524b55fbdce874bbeb3198371ff38f132f6d64a55d8364e62ac68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0f74f8e030eb56df429d2f9bec4db72

    SHA1

    1c0c55b93f2176bf08e23760ed19e1c5bc620c9c

    SHA256

    36b0e8ce578655c56ad28333ebe0d43a2f20efdec427d5c6615deaaa7cbeef01

    SHA512

    42d348dd4f5a4c8142ff52e2d08c6a9ddfbd6d028819d17fb09785f5e75e70c9db28ceb79d56a7f7415e530ffd90e3d762b0bcc03ceb6b717be71b37ad7b5257

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d587138392ffbbdff473398a7342e877

    SHA1

    52794ba8978d0e9c2d17f13e29bd905d23b566e5

    SHA256

    76c1bb500b3963bc7c2c117bb87763dc05336f0424bdd3c2f8a1b5399546a5cc

    SHA512

    8bab2000f59465fc3d7a726f53b37252e65f71f2115bd78e54e15ef1de0b595cad0fbc895f2ff2016531a075e274976b84d0dd0e9f909c1680b052526389b5c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cb63a11fa7be17009c8d93161bfb4c9

    SHA1

    72ec848a4abd3d63119c3e873d4cc055c36845fc

    SHA256

    50b39a757709a37d84c99ae94e581faa7360db1e25c97dbfd5c7a772e987c02b

    SHA512

    7db273e35d0a77e710bf0532151762cea6a92fcd89fce9092370169e04e7fe26d36ef3c511bd58f9ee643243e55d5897ee1db367021d3e1eda3576d691d04125

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    101e2b4b78cdb1c52a3371ead1e3cf2e

    SHA1

    8a0f3a2e81a40b4033fb7784c6b1a53cf98642d1

    SHA256

    f2732a98303cae67100c014b79c5192474a372c61e825fc4c9f5eca9cab78992

    SHA512

    48cc77156b9499e00c00390f4faba0c0e1480e18ecd8a1cbe46656c06e8372d4fd3bbd6a3371d3cd5d3d1bb8c64ca862a0baf5b8d5d9774a8f18b89b10227a47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a44a1ab1ec95e77f0538f197904c891e

    SHA1

    7a952391fbd000479dad46b24077bad5ab3df670

    SHA256

    52de3bf951e836cc748e3552c7ba395bed6ca44b6e3f74f1c8c00c872c7e962f

    SHA512

    522489c8998f3dc975bc6903c7bda2f39bbbadb383d0aec5c901cc5751065d7176ebc2c7d1f23f0ebab6fcb17bbe572b0fc3b8360ea1144a6ee7fb7e55a6ba75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4d1065ed6688abd08002e8da1bb76ce

    SHA1

    96a2d58ce1d76f8b34587cb43dc01a163aeb43a7

    SHA256

    791762a5cb9bf2a0df90d660395d0dcab64a084e1577ab624ca5a0012486b1e2

    SHA512

    011c97a17f5bd5f75d31d74992efa8601f4b406e2c811da485320a4c8e69dfbc955386386230b9fc1a73eed03e68c90ad446a414024e00908be1857f237f7443

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd4001571f1ada417a7cb8600abbaa35

    SHA1

    3dd5553b165b9ee5d1e2ad6f253a51da20c50e04

    SHA256

    b2961ab0ea19995a290a86d6a34b98a4d1612d8bac8b0309a26221452d858ac7

    SHA512

    06708e4b3597264592e82a88c714eb9571101438f8ed5050b31c12538b0c743b9f354b720b884d956fa404aab07a956c89355314014b6da0a7403e1eb0ae037a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec66f481de18e1bc2aeb662ebd976ce2

    SHA1

    63ce1e129cbe9f800cad89aecf6c73af952a5015

    SHA256

    6a5f54d13b769101c0e19e6097bec26cbb32321fe7ab3f8ef3785ff8abae55f8

    SHA512

    c68eac7e76e39deb3007339d345e37a984db1a47306195f3cb6aef407305a03c0ccd327d30376f154ddf8a75c8c54ed6780d74590335f895b20175eab1807d74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba3ea258f1d895990223cfebefd1b96e

    SHA1

    e34094dd73cb2484998080f4ed6114c7b2a83184

    SHA256

    5d653aa8e9ce72c7ca494c8b99050a06d8432d8a744ae6f0559d1377354ae1f1

    SHA512

    7406cc4b1136c3c617611976b42df715f560408ea83cefa61517189a65c6eddf3356de43f8a27cbf47f95c3861fad641fb0ccb6701f95133a3fb63d76b8f70ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fd827f07345fc0c1c9a333d7ca53309

    SHA1

    9433625a55d5e43224b61d43113bda811d94ea7b

    SHA256

    840e45f7b5b8c15d9634a6710c3249a7cc68802f5aea90bcd6f0b5685817b773

    SHA512

    407a5d0c0f8510955c14fbbb27ddf8a06b0516b2da89fd5670ef827ba120290e394c3ebf70a2e6c1306f3fd6162cc83e8b2665f3ef832e42941c322c16bc473d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db07579e00a8f63743e7839864fb7c3d

    SHA1

    7c15563e7216351cd4c2951f60a76b4353c3e61d

    SHA256

    d646ec8cf235612e50b4da460967646ab47d1236d6342ca05ebf67960be8ef34

    SHA512

    7ee48c9f4e05411353d8573bcb6f64f8a2a95c9058c722c490f5f7a8a24484e3d481d195f250371dbc6096008225f538d9d2a26d9909d59822f6d55dafb63d12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    749fc5b69fd1b372894306c2103a970d

    SHA1

    a7681820d35a83c90de36ccec03b33f3b70da686

    SHA256

    529ec74b0d6bce62f6e2882396b605726d84e437708a2f05d7e280d43c9de693

    SHA512

    d318db349d319a8c79e3364c085fd540a9910ae676eaf35f489cd6cbd139eed5efd37f97f42da170a10ed27e68bb8eb9232fd43ebeca2cb66d13d7d039189abc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    912bdfd7f51f37e0bf4ef394980c520e

    SHA1

    01ab4e07143dc14147d0d59390b246a29194f8d7

    SHA256

    3973b89381e48338c96cf3688569f31c599816dccd11bb6a542fe4e81adb1550

    SHA512

    257abaef6e7f25a40f7bc87e79f77727f3e9a2018d7c00ef64104e6f69852f5265a88d33ef605e5f256b6256d97bd0b6d62dd64518384ee8cf570236471e5123

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02576d682729064d142037035d917aca

    SHA1

    078f65356a386e2d00be0cdb4cee62aeb9a41115

    SHA256

    bea546e637712eaf0a8d7d299a44bed415aeee78c70b35109730dd8dbb5c04cd

    SHA512

    a76c409a4f4bb6fafd86275740ecbb158863aed887b0d001aa4bbbe8efc718d1b043ed9744d73e5e45575b72aa2447f32eb058e47ee9812802c13ec522295c8f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab516C.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar518F.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit