777bfe226a67cedd4727829e3bfc389ed1cdc8812b4e80902744a70e0ba266ba

Analysis

max time kernel
120s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13-05-2024 23:24

Target

3519183785d87649945ff0bccc944300_NeikiAnalytics.exe
Size

918KB
MD5

3519183785d87649945ff0bccc944300
SHA1

a9e1077d7c4644bca4ab3c15fe0fc4be457da2e8
SHA256

777bfe226a67cedd4727829e3bfc389ed1cdc8812b4e80902744a70e0ba266ba
SHA512

9c698a712713600e208fbcfa9956e03ae00d632845087b93fc3fe6314cf34d7dcee24f35d7d497d70a8ab8d8317e0ddbd9a1035d002f252d1d3009c41bcc17c5
SSDEEP

6144:URKX1H7x1NWqh8DHdXXOc4hGJGfObKjgtgbp+twABbxxJa/YESCNbbtZFAmf:d7gqgH9OlhGJGfQgbp8jVDa/ZS0tZFpf

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe

Executes dropped EXE 1 IoCs

pid	Process
2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe

Loads dropped DLL 4 IoCs

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2468	2456	WerFault.exe	29

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2192	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 2456	2192	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	29
PID 2192 wrote to memory of 2456	2192	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	29
PID 2192 wrote to memory of 2456	2192	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	29
PID 2192 wrote to memory of 2456	2192	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	29
PID 2456 wrote to memory of 2468	2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	30
PID 2456 wrote to memory of 2468	2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	30
PID 2456 wrote to memory of 2468	2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	30
PID 2456 wrote to memory of 2468	2456	3519183785d87649945ff0bccc944300_NeikiAnalytics.exe	30

\Users\Admin\AppData\Local\Temp\3519183785d87649945ff0bccc944300_NeikiAnalytics.exe

Filesize
918KB

MD5
500626ea6d2b8efdb691cfc51d23f445

SHA1
d4c6a7ef50c1e82c73297d6fe9afad3192c226ab

SHA256
5ffee593636150c0ffd57d6ffa8cc92df94d606ed8b75e685108d9323094cc97

SHA512
28bf2779246401f025ab322db5b601ac010bc492a5500a69d982a21613cc21d6502a96e59d02ec1b234615977283077009ff09ca85844742327508a6c1920f8e

Download Submit
memory/2192-0-0x0000000000400000-0x00000000004F2000-memory.dmp

Filesize
968KB

Download
memory/2192-7-0x0000000000400000-0x00000000004F2000-memory.dmp

Filesize
968KB

Download
memory/2456-9-0x0000000000400000-0x00000000004F2000-memory.dmp

Filesize
968KB

Download
memory/2456-10-0x0000000002EC0000-0x0000000002FB2000-memory.dmp

Filesize
968KB

Download