78658340c41f1e022442495a9391e555c30e09254fd23a1c08255028d0f333a6

Analysis

max time kernel
92s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15-05-2024 05:42

Target

8d670e015a61783e818bef14c9f5f470_NeikiAnalytics.dll
Size

81KB
MD5

8d670e015a61783e818bef14c9f5f470
SHA1

e5049dc0a0502547564dd600841687f5750e234c
SHA256

78658340c41f1e022442495a9391e555c30e09254fd23a1c08255028d0f333a6
SHA512

df3af1c175d397a8ebfe4d0a779992b2576fb3832f7d8397858eed4835c899453bf50b64b56d5d04f0aa13460d2d34b000ef9cc7dd95a2a59babf9b1f4307edc
SSDEEP

1536:ZtByXv7uWGEqXZKXTadSp7Lxw9zzBPw+iASUSFOj8sWHcdF7zenq8WM:Z4v4JKXTx71w0ArSsXF3enq8WM

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2436 wrote to memory of 212	2436	rundll32.exe	82
PID 2436 wrote to memory of 212	2436	rundll32.exe	82
PID 2436 wrote to memory of 212	2436	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8d670e015a61783e818bef14c9f5f470_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2436
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8d670e015a61783e818bef14c9f5f470_NeikiAnalytics.dll,#1
  2⤵
  PID:212