5afd111541d990c2a2498dd3566e4eb297ec7e999ba967a6794cb1e2c11b98ad

Analysis

max time kernel
93s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
14/05/2024, 13:46

Target

c903462e19a8c2c82ae90b16b5afe170_NeikiAnalytics.dll
Size

81KB
MD5

c903462e19a8c2c82ae90b16b5afe170
SHA1

2537c56e36197f7e8a1c3947a4a9bed2ba9aa0b3
SHA256

5afd111541d990c2a2498dd3566e4eb297ec7e999ba967a6794cb1e2c11b98ad
SHA512

3c90872e87f405a393418979164b0d5eed38e5987e9ea3eb8a5629f01309db521a26b8d850c1eacf0af2780e74df2ad13f9836896cb057968ec128391ead0bd3
SSDEEP

1536:5tByXv7uWGEqXZKXTadSp7Lxw9zzBPw+iASUSFOj8sWHcdF7zenq8W+:54v4JKXTx71w0ArSsXF3enq8W+

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1992 wrote to memory of 4296	1992	rundll32.exe	82
PID 1992 wrote to memory of 4296	1992	rundll32.exe	82
PID 1992 wrote to memory of 4296	1992	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c903462e19a8c2c82ae90b16b5afe170_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1992
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\c903462e19a8c2c82ae90b16b5afe170_NeikiAnalytics.dll,#1
  2⤵
  PID:4296