bff9a5642e147277e0729853ac53c9f95eb4cbb1ffd0fc466392a0b64cd29494

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 00:43

Target

517ede707fc938b28199734f5d4881e0_NeikiAnalytics.exe
Size

73KB
MD5

517ede707fc938b28199734f5d4881e0
SHA1

906286a3bf71ea3f52a5652ed49137b0f353be34
SHA256

bff9a5642e147277e0729853ac53c9f95eb4cbb1ffd0fc466392a0b64cd29494
SHA512

470be3661e35d9bbd9d5073bf51a35e51e7c34f0816ac66a8a9bc4d705b7fddb2f9e434f138e4390e5293026cca5a9e044ab10bc3227d9aa73846fac88f964fa
SSDEEP

1536:1gU/dYYgahv7wBFcJhCzJyFP46pEg+gpbDiMwdZ:+U1YYgmv7GxyzpEg+gjwX

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
228	oldumig-etid.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\oldumig-etid.exe	517ede707fc938b28199734f5d4881e0_NeikiAnalytics.exe
File opened for modification	C:\Windows\SysWOW64\oldumig-etid.exe	517ede707fc938b28199734f5d4881e0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\517ede707fc938b28199734f5d4881e0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\517ede707fc938b28199734f5d4881e0_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:3704
- C:\Windows\SysWOW64\oldumig-etid.exe
  "C:\Windows\SysWOW64\oldumig-etid.exe"
  2⤵
  - Executes dropped EXE
  PID:228

C:\Windows\SysWOW64\oldumig-etid.exe

Filesize
70KB

MD5
310e4212c83db13297a74ba3cc860054

SHA1
3f7d094c073579ad9437e64f4252f92d71f6986f

SHA256
b13a42f691a2980fd4e4831e29a46dfdb7afd23ebedb8d9deae911cce9b9b5f8

SHA512
9e7e1fa7ce73ca226a4a391bb8f30d742270c548af755c02e73576e69c1087f3f310ae790c228dc2fba0a49a18f53a66176412c9e1a4371c3525f02c9dd4a647

Download Submit
memory/3704-3-0x0000000077322000-0x0000000077323000-memory.dmp

Filesize
4KB

Download
memory/3704-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download