6417a76cd7a1be220eb9966cf62a6d662aefc8daf594de60cb4d6779f6bfff7a

Analysis

max time kernel
94s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
13-05-2024 08:23

Target

a9ced26aa7b8a5169b620bdcaee1bc70_NeikiAnalytics.exe
Size

73KB
MD5

a9ced26aa7b8a5169b620bdcaee1bc70
SHA1

2496410864817c414e39c5f666cc837c2467c6d8
SHA256

6417a76cd7a1be220eb9966cf62a6d662aefc8daf594de60cb4d6779f6bfff7a
SHA512

ad1843df2ebe0ab22ffad1e650a42335a7ca8a61e0c45234a2437f119d9cc8509d3cb59de2dc9127c83a1ea931ed473f57fc9fd1678372a1e25fc243c47165f7
SSDEEP

1536:10Qy//HYGZ75/51cnN/sTJMj+wiOAQYcnKfJYWWGmd:fy//d5/514N/QKjiOAjRk

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
3816	avpivof-eceas.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\avpivof-eceas.exe	a9ced26aa7b8a5169b620bdcaee1bc70_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\avpivof-eceas.exe	a9ced26aa7b8a5169b620bdcaee1bc70_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\a9ced26aa7b8a5169b620bdcaee1bc70_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a9ced26aa7b8a5169b620bdcaee1bc70_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:1672
- C:\Windows\SysWOW64\avpivof-eceas.exe
  "C:\Windows\SysWOW64\avpivof-eceas.exe"
  2⤵
  - Executes dropped EXE
  PID:3816

C:\Windows\SysWOW64\avpivof-eceas.exe

Filesize
70KB

MD5
06bfb33fdbd79333061c07dd3e64439b

SHA1
b1795eff3910b12eab64bf797bf6d65319ec64a3

SHA256
ab92ecee6268ea26537040625caa7764924e9d03b61b3f9139b3148eb7a6f9dd

SHA512
b98b509ba6f0200f13b0130d843d932336574edcc4f91889c5c80d7d83786008808a1fc879fd69092216d8acd62cc74fd1837beb1877f71868cc46ac6aa6ee50

Download Submit
memory/1672-3-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download