34bcd7116a36daae9017f82e2c55551c01a26366b4c34dcf52455b55e47ea18a

Analysis

max time kernel
93s
max time network
132s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11-05-2024 15:02

Target

11a20146bed7ed03bdd930c9fa17f790_NeikiAnalytics.exe
Size

73KB
MD5

11a20146bed7ed03bdd930c9fa17f790
SHA1

3e6c3eb07781135d09ee9c5a07976a2ce1e9a69f
SHA256

34bcd7116a36daae9017f82e2c55551c01a26366b4c34dcf52455b55e47ea18a
SHA512

01b96a43c61a2836075107fe79d9a96da8b1a6afd95e02450a1030027b0f31546aa24611e1db13ed647e73abfa327fee104d7d54f8dd770351fb7186e03b9c36
SSDEEP

1536:1/5eSd2CGilFul/vKVjb/uNf5Nf8kuHPvIRgHz:LDavcbUZ8trz

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
3492	ouxfaxab.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\ouxfaxab.exe	11a20146bed7ed03bdd930c9fa17f790_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\ouxfaxab.exe	11a20146bed7ed03bdd930c9fa17f790_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\11a20146bed7ed03bdd930c9fa17f790_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\11a20146bed7ed03bdd930c9fa17f790_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:780
- C:\Windows\SysWOW64\ouxfaxab.exe
  "C:\Windows\SysWOW64\ouxfaxab.exe"
  2⤵
  - Executes dropped EXE
  PID:3492

C:\Windows\SysWOW64\ouxfaxab.exe

Filesize
70KB

MD5
72c0ad2e64f19d6607f7f0495dfaccc3

SHA1
75bf80ccfb4f29b33d97972fbcf4d68b9a3bf616

SHA256
2d0975acf9bf4033df2c89b8e597aa0a9b5c9e8cc522021a274bc153e0a4bcff

SHA512
0789170386260da512b27861db30b1741047fa9aae7bed69ce59f5a18c77cf155e30fdee10f887006eb7a32c694c107dd89a9cde834013bfafeb3ff01c2a80f0

Download Submit
memory/780-0-0x0000000077BC2000-0x0000000077BC3000-memory.dmp

Filesize
4KB

Download
memory/780-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download