Analysis
- max time kernel: 149s
- max time network: 152s
- platform: windows10-2004_x64
- resource: win10v2004-20240426-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 15-05-2024 18:20
Behavioral task: behavioral1
- Sample: 10e49d7a6d0f28d4df4daef4a18bb2e0_NeikiAnalytics.exe
- Resource: win7-20240215-en
Behavioral task: behavioral2
- Sample: 10e49d7a6d0f28d4df4daef4a18bb2e0_NeikiAnalytics.exe
- Resource: win10v2004-20240426-en
General
- Target: 10e49d7a6d0f28d4df4daef4a18bb2e0_NeikiAnalytics.exe
- Size: 137KB
- MD5: 10e49d7a6d0f28d4df4daef4a18bb2e0
- SHA1: 8decb06097dec03f73ab720f1af592a4dbcfc3f7
- SHA256: 8f7a764de18278e0f04c27022134a99045caf6b1932c6306fdb5707416f8ab34
- SHA512: 29aadfb2ac974dd84d26cdb234dac2d941f27f1670f9d7c1f3aeaccf48dab823cfc2d782fd6430f04200d31dd7c724bbcea9d587494d47ddb559d17ae5e5a2c2
- SSDEEP: 3072:AE9ByF5wP7Ht99mbaa+vKAzWvSVJSwpi6Ds9Q:7907wTr9mea+i6WKQG
Malware Config
Signatures
- Modifies AppInit DLL entries (2 TTPs)
- resource / yara_rule: behavioral2/files/0x000b0000000233e6-8.dat / aspack_v212_v242
- Executes dropped EXE (1 IoC)
  pid 1580, process buhrkyf.exe
- Drops file in Program Files directory (2 IoCs)
  File created: C:\PROGRA~3\Mozilla\oxnqgnd.dll (process: buhrkyf.exe)
  File created: C:\PROGRA~3\Mozilla\buhrkyf.exe (process: 10e49d7a6d0f28d4df4daef4a18bb2e0_NeikiAnalytics.exe)
Processes
- C:\Users\Admin\AppData\Local\Temp\10e49d7a6d0f28d4df4daef4a18bb2e0_NeikiAnalytics.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\10e49d7a6d0f28d4df4daef4a18bb2e0_NeikiAnalytics.exe"
  - Drops file in Program Files directory
  PID: 112
- C:\PROGRA~3\Mozilla\buhrkyf.exe
  Command line: C:\PROGRA~3\Mozilla\buhrkyf.exe -pggkiil
  - Executes dropped EXE
  - Drops file in Program Files directory
  PID: 1580
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 137KB
  MD5: e4de61e4cbb87daa568d9e54d5695ff0
  SHA1: fd37421d601901fd6ebfda84718cb3fd9f26dade
  SHA256: 705ad5034de0e06a87ebccb33d0327ca76e19f7e1a6ac5c9766c94d8757f22b9
  SHA512: 0bd0dfc42132e556cf5dac997f09502cfda75b4fe714dbf413d204d4e33f23865604558bd460946fb135c2bab573537ffbe44a1de123d791b193608f5527610b