Overview

overview

7

Static

static

3

adde71246b...cs.exe

windows7-x64

7

adde71246b...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    14-05-2024 08:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    adde71246bb911896f8c15cba816f870_NeikiAnalytics.exe

  • Size

    95KB

  • MD5

    adde71246bb911896f8c15cba816f870

  • SHA1

    2f26b6a82b9be3f92b1f42e85c034a535d4ab090

  • SHA256

    1cb3074594877dfa3f3e260b6e91140f28e0ad1933b97e8772e60f14aa7e7718

  • SHA512

    1415dcc5183bcb02741421315ce37fbd2a9d95409dfe0e1d2972964b87c02864b7b443501b84b64a8146e33ff7b979d3256247a763ca4f615431aabd3e1b53db

  • SSDEEP

    1536:SomHrhA83m7or2mAq/qIwM4Y1DYfyM+5bQaSOmwzeNef7juRIDJIT7jwO:ezwoB9wM5EfybbQz3Nef+Qa

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\adde71246bb911896f8c15cba816f870_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\adde71246bb911896f8c15cba816f870_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1764
    • C:\Users\Admin\AppData\Local\Temp\adde71246bb911896f8c15cba816f870_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\adde71246bb911896f8c15cba816f870_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\adde71246bb911896f8c15cba816f870_NeikiAnalytics.exe
    Filesize

    95KB

    MD5

    feb1f44742c8a32ff7f6e59adefe659d

    SHA1

    a5d9c9d89ae4986cb6f05e585ee9d96409927ae9

    SHA256

    65e7ec76017dd6f950045e536de9bb3df9c72100df6b37864d42bb6c4e358a0a

    SHA512

    2ea0a71962aedd9575011d32afb75d549ecfdd01c057d07435894ca10fcfde5441a2356fd16596a3af8df4068bed0a89c67bb3b454cd641462574d957ae559a0

    Download Submit

  • memory/1764-0-0x0000000000400000-0x0000000000433000-memory.dmp

    Filesize

    204KB

    Download

  • memory/1764-1-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1764-9-0x0000000000140000-0x0000000000173000-memory.dmp

    Filesize

    204KB

    Download

  • memory/1764-15-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2832-17-0x0000000000400000-0x0000000000433000-memory.dmp

    Filesize

    204KB

    Download

  • memory/2832-24-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2832-20-0x00000000002C0000-0x00000000002F3000-memory.dmp

    Filesize

    204KB

    Download

  • memory/2832-29-0x0000000000330000-0x000000000034B000-memory.dmp

    Filesize

    108KB

    Download