1d87470697976053ee1362aa8bae045f877d5a042564629068116d6c86524995

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 04:57

Target

82b8b4a2274cb7efffd111591406c4d0_NeikiAnalytics.exe
Size

701KB
MD5

82b8b4a2274cb7efffd111591406c4d0
SHA1

8f4b6349bd7a38d6a18ac17049748f4e6ef9d767
SHA256

1d87470697976053ee1362aa8bae045f877d5a042564629068116d6c86524995
SHA512

1b3f76a1611b6d7406aae741424e1a3a338eb62ade3ac28fa736ce41d85dbbc6cab81211621037bb84ae08dd8a99524dc8fb39c250fdba8fb087ae609be3eeca
SSDEEP

12288:RQR6H3UMAdB8qr0zw9iXQ40AOzDr5YJjsF/5v3ZkHRik8Y:RQR63atr0zAiX90z/F0jsFB3SQkX

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	82b8b4a2274cb7efffd111591406c4d0_NeikiAnalytics.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2284	82b8b4a2274cb7efffd111591406c4d0_NeikiAnalytics.exe

memory/2284-0-0x0000000030000000-0x00000000300B5000-memory.dmp

Filesize
724KB

Download
memory/2284-8-0x0000000000430000-0x0000000000497000-memory.dmp

Filesize
412KB

Download
memory/2284-1-0x0000000000430000-0x0000000000497000-memory.dmp

Filesize
412KB

Download
memory/2284-13-0x0000000030000000-0x00000000300B5000-memory.dmp

Filesize
724KB

Download