326343ae127ab6d0b0df9be0e04af4604487e017cecc6ce59484949e378e50a6

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
12/05/2024, 02:50

Target

5f8dd8914385931c6fc0b88d2fd5f4f0_NeikiAnalytics.exe
Size

9KB
MD5

5f8dd8914385931c6fc0b88d2fd5f4f0
SHA1

cedfc5c07b2c4f3b4d12ecf0dab9c2c1508ce78c
SHA256

326343ae127ab6d0b0df9be0e04af4604487e017cecc6ce59484949e378e50a6
SHA512

23f127628ed7879b8b4bcc895ec38a941da746279064aab0db68c809ef81010801df6d2f8f1875ee790592d58a36fb8da713a2f8e4fba74c60d53170b070b42e
SSDEEP

192:DBksuDzHNQHBeMZZ3H93VnjdwqzU3ltLZGEf:0HkBeMBFnhwqQ1tLZGE

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4328	5f8dd8914385931c6fc0b88d2fd5f4f0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\5f8dd8914385931c6fc0b88d2fd5f4f0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\5f8dd8914385931c6fc0b88d2fd5f4f0_NeikiAnalytics.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4328

memory/4328-0-0x0000000000270000-0x0000000000278000-memory.dmp

Filesize
32KB

Download
memory/4328-1-0x00007FF9FFBA3000-0x00007FF9FFBA5000-memory.dmp

Filesize
8KB

Download
memory/4328-2-0x0000000000B60000-0x0000000000B72000-memory.dmp

Filesize
72KB

Download
memory/4328-3-0x000000001AD50000-0x000000001AD8C000-memory.dmp

Filesize
240KB

Download
memory/4328-4-0x00007FF9FFBA0000-0x00007FFA00661000-memory.dmp

Filesize
10.8MB

Download
memory/4328-5-0x00007FF9FFBA0000-0x00007FFA00661000-memory.dmp

Filesize
10.8MB

Download