adc5d627b8779e263eeafb777a8084fa40c3ba01d6a7da1f4b28057e71d907ab

Analysis

max time kernel
133s
max time network
102s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
12-05-2024 04:04

Target

679d50cbcd8422abf50c2d4e3ef35bd0_NeikiAnalytics.exe
Size

73KB
MD5

679d50cbcd8422abf50c2d4e3ef35bd0
SHA1

13a8f2b51722386a1893bd5bff49b33c74227dee
SHA256

adc5d627b8779e263eeafb777a8084fa40c3ba01d6a7da1f4b28057e71d907ab
SHA512

d2a2725273ae99d94b5650ddceed4c2765f74d715bf5c35a873c1496a398cb53cc0338ce960796e056160b8fae5807248581dc0250b849c1daa5329dd091dedc
SSDEEP

1536:12l0TX0IW6EYEDpMA9YnjFUP9WVD7U4v2ybGvsxbxMGu:c/IWlDWU+7U5ybAGMJ

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
440	oucsoavug.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\oucsoavug.exe	679d50cbcd8422abf50c2d4e3ef35bd0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\oucsoavug.exe	679d50cbcd8422abf50c2d4e3ef35bd0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\679d50cbcd8422abf50c2d4e3ef35bd0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\679d50cbcd8422abf50c2d4e3ef35bd0_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:4508
- C:\Windows\SysWOW64\oucsoavug.exe
  "C:\Windows\SysWOW64\oucsoavug.exe"
  2⤵
  - Executes dropped EXE
  PID:440

C:\Windows\SysWOW64\oucsoavug.exe

Filesize
70KB

MD5
197130f7b7a5f65b4223caffa0acffef

SHA1
f7e4170e7f0a230416e7da87f55ee60198a7768a

SHA256
4556997773e8e1268d0cfd13c56a94046c3876dddbbef305806618e10961d509

SHA512
b5c6cfd115d07eceaf2c03d731da6e53a73187933611e2830ee374895b246e7626bf026f585ec215132ecea64549e21979e0f76134961acb185a8571fd2c3912

Download Submit
memory/4508-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download
memory/4508-3-0x0000000076EE2000-0x0000000076EE3000-memory.dmp

Filesize
4KB

Download