Overview

overview

7

Static

static

3

27eafecf75...cs.exe

windows7-x64

7

27eafecf75...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13/05/2024, 22:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27eafecf7556955b8c57a42f85e65020_NeikiAnalytics.exe

  • Size

    448KB

  • MD5

    27eafecf7556955b8c57a42f85e65020

  • SHA1

    1caa8840056b3022d57e07baf38d25b02c18c2b6

  • SHA256

    aa9d389a2a94fb184f8e31cc74342ebde2a717ba7e4c156019ce2838635f5568

  • SHA512

    8c98bed8bd26e2912b1a10e4fa5d6f100edc5284960fd1f7a2563f02432ecd44705a62cd09ceff90999d44d90874089ff19726867fe4cdc57d209d43a8a6e29f

  • SSDEEP

    6144:uMTiZ2d2vtif5pxrlD36LLNIDEqZK0W7cyqCxSngmMBqfycuPbUl0i5cD5J6K1mi:uMTP/TNlLSwEqZQ0npM4dl0v5JdmY

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27eafecf7556955b8c57a42f85e65020_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\27eafecf7556955b8c57a42f85e65020_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Users\Admin\AppData\Local\Temp\27eafecf7556955b8c57a42f85e65020_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\27eafecf7556955b8c57a42f85e65020_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\27eafecf7556955b8c57a42f85e65020_NeikiAnalytics.exe
    Filesize

    448KB

    MD5

    33b2af024a16aeef347772888f931f03

    SHA1

    2c774d11dad00a2f625ed871d370b6b20c771099

    SHA256

    5450fe16785194ca5201792a64663ccc2dafb8e7b63f2bf8505d9a9a95147d36

    SHA512

    0c7472849f777cca4dd31e0d6d8cf87083e23cdc92446ca9a20bd3d2b271f0b5ceab37c22d6c1655b25c04ff9ef3ed2e77126cd0ac8dcf73062507f8dc5e2ec0

    Download Submit

  • memory/2004-0-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2004-5-0x00000000001B0000-0x00000000001E8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2004-10-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2668-12-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2668-13-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2668-18-0x0000000000250000-0x0000000000288000-memory.dmp

    Filesize

    224KB

    Download