32ed3e15ea88cc339ad29279244c7868d78fb62bf0682ff2c6b1274495739cfa

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11-05-2024 02:33

Target

5c5f8e1f1c0b04695bb167d77da04370_NeikiAnalytics.dll
Size

81KB
MD5

5c5f8e1f1c0b04695bb167d77da04370
SHA1

1fb5f0c12cbb387029fbd67bcbe81ffd6858a672
SHA256

32ed3e15ea88cc339ad29279244c7868d78fb62bf0682ff2c6b1274495739cfa
SHA512

657e9a53755557553585e634229b803c3d550305607b04378d505a5a092e5852c183b3eb8dde2545568f41c915d7db45249e0a434c76a3b56ae8d048d9668dd5
SSDEEP

1536:EByXv7uWGEqXZKXTadSp7Lxw9zzBPw+NASUSFOj8sWHcdF6+eXq8WF:xv4JKXTx71wnArSsXFpeXq8WF

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1388 wrote to memory of 1452	1388	rundll32.exe	82
PID 1388 wrote to memory of 1452	1388	rundll32.exe	82
PID 1388 wrote to memory of 1452	1388	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\5c5f8e1f1c0b04695bb167d77da04370_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1388
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\5c5f8e1f1c0b04695bb167d77da04370_NeikiAnalytics.dll,#1
  2⤵
  PID:1452