68836268c64512d1aa64049c1623c229fd5303764253600ff8dbdf7889686a49

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
15/05/2024, 13:29

Target

d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe
Size

1.3MB
MD5

d4338531822d00d4f429fc0322771c90
SHA1

3f5c55b51771732fe93f0f5d1963011f1507a499
SHA256

68836268c64512d1aa64049c1623c229fd5303764253600ff8dbdf7889686a49
SHA512

c2719c63c2a6886b778da6dc4d939497d0dbda5e613e2c1cbaf67baeee456215c4a15a62b9457ebffd42aab351bc87c50a02fae346c2ccf9d9f9b4b154949a7e
SSDEEP

12288:JBpJb3sRgf+9cTAhrj2TsqjVDa/ZSoPDm3Xx/MCtjW:rpJTs2bqf2Y4a/ZSoPDQ+ei

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe

Executes dropped EXE 1 IoCs

pid	Process
2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe

Loads dropped DLL 4 IoCs

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2156	2592	WerFault.exe	29

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2232	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2232 wrote to memory of 2592	2232	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	29
PID 2232 wrote to memory of 2592	2232	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	29
PID 2232 wrote to memory of 2592	2232	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	29
PID 2232 wrote to memory of 2592	2232	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	29
PID 2592 wrote to memory of 2156	2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	30
PID 2592 wrote to memory of 2156	2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	30
PID 2592 wrote to memory of 2156	2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	30
PID 2592 wrote to memory of 2156	2592	d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe	30

\Users\Admin\AppData\Local\Temp\d4338531822d00d4f429fc0322771c90_NeikiAnalytics.exe

Filesize
1.3MB

MD5
c01bd78ea2b2d92a9ec204a8053f5a9e

SHA1
e6b75fd573e613f65e53f409fca7c1f37a47a558

SHA256
36149bb00a70efb0511f05411616dd5b2fef41a7271ce904790eaac667b42cbd

SHA512
d6e8275a9c177d88879ae458e4175a32f92d58e3f11c580c9d85e39fa99eaee4bb068c88bfb5501aef1ab90df43048520871fd720c62b0813ed45a1faa4fc8e0

Download Submit
memory/2232-0-0x0000000000400000-0x00000000004F0000-memory.dmp

Filesize
960KB

Download
memory/2232-9-0x0000000000400000-0x00000000004F0000-memory.dmp

Filesize
960KB

Download
memory/2592-8-0x0000000000400000-0x00000000004F0000-memory.dmp

Filesize
960KB

Download
memory/2592-10-0x00000000014F0000-0x00000000015E0000-memory.dmp

Filesize
960KB

Download
memory/2592-14-0x0000000000400000-0x00000000004F0000-memory.dmp

Filesize
960KB

Download