51e9c7508e456268ecb090f1f5f0c9be7758862a8c67b266f0d7c0d12ab5ea8f

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
15-05-2024 04:11

Target

7930ee0077c4424c986f2be42e8ff250_NeikiAnalytics.dll
Size

288KB
MD5

7930ee0077c4424c986f2be42e8ff250
SHA1

ef119313c8f0bab8e2d156083a7c19115540a5d9
SHA256

51e9c7508e456268ecb090f1f5f0c9be7758862a8c67b266f0d7c0d12ab5ea8f
SHA512

e582c8d655f84b579614eb89219c1b2ad127485c1df361a5424dbea6c3877e9c7ab6a0d2c95095f12c8b92f2882d7aec3b6195f2fb3bce163340d82752df94c7
SSDEEP

6144:LbXqV+dYPkYH6KXz1jLcoo2xmg5Ai9FTZEujdo0E9bW:PXo+dYsYa8zBcoo2xt5tEC+k

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28
PID 2344 wrote to memory of 2340	2344	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7930ee0077c4424c986f2be42e8ff250_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2344
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7930ee0077c4424c986f2be42e8ff250_NeikiAnalytics.dll,#1
  2⤵
  PID:2340