d4a0c55ba8ab29b61af7238d2d5298518f3d09d8e48e38803284bc413f4efab9

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 20:07

Target

64a8aaa034ec742caf97938ab0ef02f0_NeikiAnalytics.exe
Size

74KB
MD5

64a8aaa034ec742caf97938ab0ef02f0
SHA1

6700aff85b08affbac237d2560163daaa27c6c6d
SHA256

d4a0c55ba8ab29b61af7238d2d5298518f3d09d8e48e38803284bc413f4efab9
SHA512

8d351890ca509899bcc4cac8f94626872e2eb58cf5072c478bd24ba1d138462548ff6ff07be3d8fd2689f56e67436d186bab56ae64c5f0f97a6dcb89402220e1
SSDEEP

1536:1wrcZa4V5fH01ZJdlUOIV3js6/XyMgjm6Ul0sYnLwDxa:y6RRH0IVweitm7lXYnED0

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2160	ouppehean.exe

Loads dropped DLL 1 IoCs

pid	Process
2924	64a8aaa034ec742caf97938ab0ef02f0_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\ouppehean.exe	64a8aaa034ec742caf97938ab0ef02f0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\ouppehean.exe	64a8aaa034ec742caf97938ab0ef02f0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\64a8aaa034ec742caf97938ab0ef02f0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\64a8aaa034ec742caf97938ab0ef02f0_NeikiAnalytics.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:2924
- C:\Windows\SysWOW64\ouppehean.exe
  "C:\Windows\SysWOW64\ouppehean.exe"
  2⤵
  - Executes dropped EXE
  PID:2160

\Windows\SysWOW64\ouppehean.exe

Filesize
71KB

MD5
69827068f6f9b7a59762e777845cf57a

SHA1
88a5a0d74d84ac040e1557f6cce7a23f7bedae34

SHA256
45b7002dd873b31b2fd224f8790c5cb6aa45c68cae988af0b42688aac0c53993

SHA512
25b26bcbfed413cf69c0b1b9d15b194f84fe3df7ce9a7496328f9c38ffbed18c4a68395fd68c791805c39760b48ddedfee031c43b2436639291d0473f409903f

Download Submit
memory/2924-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download