58730f0c4e1ae585d1eb2a6bc6606428162e3f1ca64f10f6c7322f484d934ea8

Analysis

max time kernel
130s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 22:39

Target

4c0b8d373da73cc41339c0fecdba14a0_NeikiAnalytics.exe
Size

70KB
MD5

4c0b8d373da73cc41339c0fecdba14a0
SHA1

d0e01e9aaf556a6f41304f70eb42fe20f787cfa0
SHA256

58730f0c4e1ae585d1eb2a6bc6606428162e3f1ca64f10f6c7322f484d934ea8
SHA512

5102e611905442107ca7a681b0851306f40853dbc51911ef85d5b8d506fd9c87a5da9269533f83898a2c49b6c390151dafddc05fd0d3676911d04daef188d87c
SSDEEP

1536:1h3YrzjTGabh9X0PCig8Hf7j6iQ3e7OrAJ:jizjbbhtMC98/7pIe7L

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
4600	oufkonean.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\WINDOWS\SysWOW64\oufkonean.exe	4c0b8d373da73cc41339c0fecdba14a0_NeikiAnalytics.exe
File created	C:\WINDOWS\SysWOW64\oufkonean.exe	4c0b8d373da73cc41339c0fecdba14a0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\4c0b8d373da73cc41339c0fecdba14a0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\4c0b8d373da73cc41339c0fecdba14a0_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:1928
- C:\WINDOWS\SysWOW64\oufkonean.exe
  "C:\WINDOWS\system32\oufkonean.exe"
  2⤵
  - Executes dropped EXE
  PID:4600

C:\Windows\SysWOW64\oufkonean.exe

Filesize
66KB

MD5
47678eeabe440b88a743fa65d26c2204

SHA1
d5a6db17518181a61c5a9baa5fd04e0483cdc44b

SHA256
34dce6cf8b8142ea07b3cfc11095b8db34d52ec917661efb0509a52d8fed3b92

SHA512
a646b0a75aee4bb769ca12687cb9aa0857c2e563fc03ec1b3efd8d10760d6f9a52760612d5f8850355533fc9f51c0887cb3d357811408a3c561964cd45d9b12a

Download Submit
memory/1928-3-0x0000000077B12000-0x0000000077B13000-memory.dmp

Filesize
4KB

Download
memory/1928-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download