aa78cc72258e5ce8df38b0ac36a0b7afe507a5bac1a2206274ecd9a41cb9d98e

Analysis

max time kernel
94s
max time network
104s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
14/05/2024, 21:09

Target

27b6f4abccc188375e5b2f5a615488d0_NeikiAnalytics.exe
Size

74KB
MD5

27b6f4abccc188375e5b2f5a615488d0
SHA1

8719a8ad2b99a3357b03e0120819b72f5dbe650c
SHA256

aa78cc72258e5ce8df38b0ac36a0b7afe507a5bac1a2206274ecd9a41cb9d98e
SHA512

e1f10e98ea332fdb7bdb14c8a7620b095b1597b0885c0420e693aae4c1ac3a39cf145c2bd6ca8d01d4e6f6a85818de0cf1e65d602b3d52feb61fccbb33358aef
SSDEEP

1536:19vbKy8RoG6nXAHb0b4zyLIU1JheKK6FDiMwe8dBJKz:rbKy8RjQb4on1jeKK6FDiMwe8dBYz

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
4880	earcadoot.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\earcadoot.exe	27b6f4abccc188375e5b2f5a615488d0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\earcadoot.exe	27b6f4abccc188375e5b2f5a615488d0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\27b6f4abccc188375e5b2f5a615488d0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\27b6f4abccc188375e5b2f5a615488d0_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:3712
- C:\Windows\SysWOW64\earcadoot.exe
  "C:\Windows\SysWOW64\earcadoot.exe"
  2⤵
  - Executes dropped EXE
  PID:4880

C:\Windows\SysWOW64\earcadoot.exe

Filesize
71KB

MD5
6cc5cfdeb37fb4d1c40bfc343990cdb1

SHA1
1a265f8fda722c3d6dab220c8b6fd78c693aa425

SHA256
409c77e72e5005952aca3fcee30fcc2d0024e267cdf935d14c0d2b4a2a5ead0c

SHA512
4b1ecb4cff8f504a56373798fd2047d38d69404ed99fa1d1ff17d792634f7f5b444d2e97f6575fb17daf416fb159ca7fcae8ed289888c7d7f5065520d6a81507

Download Submit
memory/3712-3-0x0000000077CF2000-0x0000000077CF3000-memory.dmp

Filesize
4KB

Download
memory/3712-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download