6b523ed49b1a38f454e51c1b6ae421a6f7167ef7cc79ee74bab062c2f06edc89 | Triage

Analysis

max time kernel
93s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
13-05-2024 12:46

Sharing

Report Analysis Logs

General

Target

b876bf7aa2cbad87a335f8866ac131e0_NeikiAnalytics.dll
Size

3KB
MD5

b876bf7aa2cbad87a335f8866ac131e0
SHA1

729280c8b91c03db30b922f7c4e279530e377f5e
SHA256

6b523ed49b1a38f454e51c1b6ae421a6f7167ef7cc79ee74bab062c2f06edc89
SHA512

60ff9d7348b82e83c56d2ffbb77f0f28d27fbad8442ca4d0edf118209b653f7d0ba3d8b5d63886ab572b7d2bed0001ee769b96b37ba98086aac798ae74feace4

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1928 wrote to memory of 2016	1928	rundll32.exe	81
PID 1928 wrote to memory of 2016	1928	rundll32.exe	81
PID 1928 wrote to memory of 2016	1928	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\b876bf7aa2cbad87a335f8866ac131e0_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1928
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\b876bf7aa2cbad87a335f8866ac131e0_NeikiAnalytics.dll,#1
  2⤵
  PID:2016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads