167ea5e09b0b961e54e4403b68ad2e68b88163b18aa36b0f40fe6b3b8ecd2d34

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11-05-2024 04:45

Target

802a7f345909d6d7ba645deba542d960_NeikiAnalytics.exe
Size

74KB
MD5

802a7f345909d6d7ba645deba542d960
SHA1

a63d7d62dc0e545e1e837b27f61f09f2ad5222fa
SHA256

167ea5e09b0b961e54e4403b68ad2e68b88163b18aa36b0f40fe6b3b8ecd2d34
SHA512

46e4cf35962cb2e690cafac51ca3c63a856b5729561af65d303d553f7ce39ee422fe7a5057a1095b0c6f6650f212e0cea99174151f48cc08989fb16753d345fa
SSDEEP

1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253u2Dw:uF+LCofRLCgxSzXo8CgpIo53u2Dw

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2060	bkeaxoam.exe

Loads dropped DLL 1 IoCs

pid	Process
1924	802a7f345909d6d7ba645deba542d960_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\bkeaxoam.exe	802a7f345909d6d7ba645deba542d960_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\bkeaxoam.exe	802a7f345909d6d7ba645deba542d960_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\802a7f345909d6d7ba645deba542d960_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\802a7f345909d6d7ba645deba542d960_NeikiAnalytics.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:1924
- C:\Windows\SysWOW64\bkeaxoam.exe
  "C:\Windows\SysWOW64\bkeaxoam.exe"
  2⤵
  - Executes dropped EXE
  PID:2060

\Windows\SysWOW64\bkeaxoam.exe

Filesize
71KB

MD5
ce6307b764cddda7c21207a4c85c5089

SHA1
d4dac7ad00468588b1dc09f4d0b9423e62964cd1

SHA256
f841f9b23b0c6aac6783ced531a13bb8aec849de39706a1c094d27db089df957

SHA512
3177fba1256ffc08b4430f0e2f241cae28f308bc9e0741e30c276e38fd785be3ce95618163ec53fc06ecb5a8c61117e2b7a12d8ea68fd9797c925614ee283ef9

Download Submit
memory/1924-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download