Analysis
-
max time kernel
134s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system -
submitted
11-05-2024 21:19
Static task
static1
Behavioral task
behavioral1
Sample
3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe
-
Size
138KB
-
MD5
3b7feea4525d0d7776ea12bdd5216630
-
SHA1
c69f7cadfe1af3518d751831449f4a9d488511a6
-
SHA256
8311ffaf5a1cf17705351dfcfd5a21298f740a33a33060c291e0030c3d80813f
-
SHA512
0b287baeea6fc7228c4830d2d85475012f245b8cc52f2ef19900f78abd7a51cd33546c1d523e9f6112249938a35012ed9fb49550f276cd0fa0b097e5536c9904
-
SSDEEP
3072:BVMfMIbIow3J9tCII06DZWYIYpx+BC3K5eqU+BC3K5eqYroGSZ:cfMminCII06VWwpbK70K7zZ
Malware Config
Signatures
-
Modifies AppInit DLL entries (2 TTPs)
-
Executes dropped EXE (1 IoC)
pid: 3080  Process: oyfhgkd.exe -
Drops file in Program Files directory (2 IoCs)
description  ioc  Process
File created  C:\PROGRA~3\Mozilla\oyfhgkd.exe  3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe
File created  C:\PROGRA~3\Mozilla\hbxxkjc.dll  oyfhgkd.exe
Processes
-
Process: C:\Users\Admin\AppData\Local\Temp\3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe"
- Drops file in Program Files directory
PID:1048
-
Process: C:\PROGRA~3\Mozilla\oyfhgkd.exe
Command line: C:\PROGRA~3\Mozilla\oyfhgkd.exe -lxegbhe
- Executes dropped EXE
- Drops file in Program Files directory
PID:3080
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
138KB
MD5
3940bc3a603a36d70eea275f53577dbc
SHA1
67dfd2e5e134942aa9fdd43388d0bbd26ce84bf1
SHA256
d2812694a7d673233792b312db3864d6c8c83d4f19867b0fa127e5822a7a6654
SHA512
35f98ea878683c805aa37f83cf58af0a1cc14f03ea22dc38b1a45d80c77ab21d76d1dc5504030296e64c136bfb9baaa37c9b5c7b0f4756972f0e531559980617
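Added host triage check (not part of the sandbox report, and not the sandbox's own tooling): a PowerShell script that tests a Windows host for the behaviour the report lists. It reads the AppInit_DLLs, LoadAppInit_DLLs and RequireSignedAppInit_DLLs values the "Modifies AppInit DLL entries" signature refers to (MITRE ATT&CK T1546.010, AppInit DLLs), looks for the two files created under C:\PROGRA~3\Mozilla and compares their SHA256 against the submitted sample and the file listed under Downloads, and shows any live oyfhgkd.exe with its command line (the report records the argument -lxegbhe). Two assumptions are labelled in the code: the report does not show which value the sample writes, so matching the AppInit_DLLs string against hbxxkjc.dll is a guess; and C:\PROGRA~3 is an 8.3 short name that is left for Windows to resolve rather than assumed to be C:\ProgramData. The last check is the caveat a responder should keep in mind: Windows 8 and later ignore AppInit_DLLs while Secure Boot is enabled, so a populated value on such a host is persistence that may never execute.

```powershell
# Added triage script: not part of the sandbox report above.
# Run elevated in 64-bit PowerShell so both registry views are visible.

# SHA256 values copied from the report (General section and Downloads entry).
$KnownSha256 = @{
    '8311ffaf5a1cf17705351dfcfd5a21298f740a33a33060c291e0030c3d80813f' = 'submitted sample 3b7feea4525d0d7776ea12bdd5216630_NeikiAnalytics.exe'
    'd2812694a7d673233792b312db3864d6c8c83d4f19867b0fa127e5822a7a6654' = 'file listed under Downloads (138KB, not named in the report)'
}

# Drop directory and file names from the "Drops file in Program Files directory" IoCs.
# C:\PROGRA~3 is an 8.3 short name; Windows resolves it, we do not assume C:\ProgramData.
$DropDir   = 'C:\PROGRA~3\Mozilla'
$DropNames = @('oyfhgkd.exe', 'hbxxkjc.dll')

# Registry location of AppInit_DLLs: native view, plus the WOW64 view on x64 hosts.
$AppInitKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
)

function Test-AppInitDlls {
    foreach ($key in $AppInitKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $p      = Get-ItemProperty -LiteralPath $key
        $dlls   = [string]$p.AppInit_DLLs
        $load   = [int]$p.LoadAppInit_DLLs
        $signed = [int]$p.RequireSignedAppInit_DLLs
        [pscustomobject]@{
            Key                       = $key
            AppInit_DLLs              = $dlls
            LoadAppInit_DLLs          = $load
            RequireSignedAppInit_DLLs = $signed
            # Any non-empty list with loading enabled deserves a look, whatever the DLL is called.
            Suspicious                = ($dlls.Trim() -ne '' -and $load -eq 1)
            # Assumption: the sample registers its dropped DLL here; the report does not show the value.
            NamesDroppedDll           = ($dlls -match 'hbxxkjc\.dll')
        }
    }
}

function Test-DroppedFiles {
    foreach ($name in $DropNames) {
        $item = Get-Item -LiteralPath (Join-Path $DropDir $name) -ErrorAction SilentlyContinue
        if (-not $item) { continue }
        $sha   = (Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256).Hash.ToLower()
        $label = 'hash not in the report'
        if ($KnownSha256.ContainsKey($sha)) { $label = $KnownSha256[$sha] }
        [pscustomobject]@{
            Path      = $item.FullName
            SizeBytes = $item.Length
            SHA256    = $sha
            Match     = $label
        }
    }
}

function Test-DroppedProcess {
    # The report shows oyfhgkd.exe started with the argument -lxegbhe; show the live command line.
    Get-CimInstance -ClassName Win32_Process -Filter "Name = 'oyfhgkd.exe'" |
        Select-Object ProcessId, ParentProcessId, ExecutablePath, CommandLine
}

function Test-SecureBootCaveat {
    # Windows 8 and later ignore AppInit_DLLs while Secure Boot is on, so a populated
    # value is stored persistence that may never run. Non-UEFI hosts throw here.
    try { Confirm-SecureBootUEFI } catch { $null }
}

'== AppInit_DLLs registry values =='
Test-AppInitDlls | Format-List
'== Files under C:\PROGRA~3\Mozilla =='
Test-DroppedFiles | Format-List
'== Running oyfhgkd.exe processes =='
Test-DroppedProcess | Format-List
'== Secure Boot enabled (True means the loader ignores AppInit_DLLs) =='
Test-SecureBootCaveat
```

A hash mismatch on a file found at the drop path is not a clean result: the dropped copy may differ from the submitted sample (the Downloads entry in the report has the same 138KB size but a different hash), so treat presence of either name under that directory as the indicator and the hash as corroboration.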