Overview

overview

7

Static

static

3

08dab044fd...cs.exe

windows7-x64

7

08dab044fd...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/05/2024, 13:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    08dab044fd3cde3adc8e9902ac041a40_NeikiAnalytics.exe

  • Size

    74KB

  • MD5

    08dab044fd3cde3adc8e9902ac041a40

  • SHA1

    29935baafa82af63de4ee9c045afcde67bde06f4

  • SHA256

    d6104b08625261a10c1912a4773b1534cf6b0656ec56f28e8b05079c66559a5b

  • SHA512

    cb0ecfb4fd68b9d7c54ad0690c8d61047344e494a5f167d8f19fe1e555b0942c10c5694a95d9dc680c8b739bd451b98fdd163612525e0e1314803410a0e46a7a

  • SSDEEP

    1536:1gU/dYYgahv7wBFcJhCzJyFP46pEg+gpbDiMwh:+U1YYgmv7GxyzpEg+gjwh

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08dab044fd3cde3adc8e9902ac041a40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\08dab044fd3cde3adc8e9902ac041a40_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:3816
    • C:\Windows\SysWOW64\ourfepoat-egoab.exe
      "C:\Windows\SysWOW64\ourfepoat-egoab.exe"
      2⤵
      • Executes dropped EXE
      PID:1028

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\ourfepoat-egoab.exe
          Filesize

          71KB

          MD5

          b24f66cb13d95430f2cccfbb3885a00e

          SHA1

          53e463e2035fc3689c16bdeae4e22d7d74d89150

          SHA256

          06d14549afee0853e8d7bda09cff2ddd2b119551a55efe6648e95df11570569a

          SHA512

          e18476de00669da611999ccb23027c81c849b6888d72fdb9c14dfbac8f831453cb4aec16cc77a3a7f2632ab558db31ca50db6d6942eb5f0b35632883c1dd6c41

          Download Submit

        • memory/3816-1-0x0000000077562000-0x0000000077563000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3816-4-0x0000000000400000-0x0000000000403000-memory.dmp

          Filesize

          12KB

          Download