Overview

overview

3

Static

static

3

95895daf8c...cs.exe

windows7-x64

1

95895daf8c...cs.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-05-2024 06:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95895daf8ca19a671ebeab9d7b254710_NeikiAnalytics.exe

  • Size

    5.1MB

  • MD5

    95895daf8ca19a671ebeab9d7b254710

  • SHA1

    1e7c6d97bc5dabed02abc4839b5059f4ea2ae909

  • SHA256

    340cb5d5c4cf1b0a755ca0013d069ab7c8c225ff31bd8b56d026a35628fbb66f

  • SHA512

    47a6e1348fc4b28187bfc44d3f914206e2a51dfb3dd293d6299a04226a81ebfd45d33aa8d34e75bc956c1b5f9e9be1c113ae1f7a01eba940f332c78cdde4b005

  • SSDEEP

    98304:1eNboDNNC2vRtOGITQ2V2K93oI7XdoIHGj8kQv+3Ts2BO2np5x4+LBkGXO:oNboD/C2ptOG6Q2V2KpoI7XdoIHGj8k6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\95895daf8ca19a671ebeab9d7b254710_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\95895daf8ca19a671ebeab9d7b254710_NeikiAnalytics.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1724
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    1⤵
      PID:2708

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\Bitcoin\addr.dat
      Filesize

      32KB

      MD5

      870e06b543155125ba6db17ae671f6bb

      SHA1

      9f17c274d1c8190f3dd999f6105016a3c64dc6ab

      SHA256

      692469a536e7601f08e26387efd94bd15ad9ef8202b9d41d9ddf8cd2165a403d

      SHA512

      4c990a07ab23a4de1b0c7de47abc2c75198e6a1e99e64f93de512dfddc782e14b9cae2f3e36993075d4cc1bc40c442e986492c62dfec9b8057bef07099d0e0ca

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Bitcoin\blkindex.dat
      Filesize

      32KB

      MD5

      2b7994c6699506e3519756a4b2d24451

      SHA1

      8889827d946925370c3f4d0088362cb8def77a71

      SHA256

      40cba1fc9c21e546279de7e5162dfa4ab16fa12ba316e96e826c7d2fe33ed476

      SHA512

      e700b869dc998203d735fda0ec25a3dad00f448768a93bbc6044012d1e11ea3470130f170f90f36878b8dab04bf597caae49bd6a54e8b59474eb65f16f33bc4c

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Bitcoin\wallet.dat
      Filesize

      88KB

      MD5

      7bebf4a2e498903df0bcc6a19fe10e02

      SHA1

      b9c4ec45446072f266aa0cc52630424074668e66

      SHA256

      d676fc6ce7401544d27177640c5e18ff4cf4be115c8825e58f6a4cc80d598830

      SHA512

      3320ba6306678beab211fe3240b509020d318b7655052bb9961f167e2f30b110dfd28d618e5f724839f61edbd089f213369e12e7be18000ac0e216544da05f40

      Download Submit

    • memory/1724-45-0x0000000000400000-0x0000000000928000-memory.dmp

      Filesize

      5.2MB

      Download