8c9864ca22543beeb5dd9996884f46d1b10e7caf51fe38c95c0d7cd6ce2376e8

Analysis

max time kernel
140s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16-05-2024 22:58

Target

50468fce3f8b3832e548c30333c8cc50_NeikiAnalytics.dll
Size

5KB
MD5

50468fce3f8b3832e548c30333c8cc50
SHA1

7867edf4dcb578cbed8aeac79af3c449e08819e7
SHA256

8c9864ca22543beeb5dd9996884f46d1b10e7caf51fe38c95c0d7cd6ce2376e8
SHA512

e3be831213441c2abcab19557f31bd436ed73e8031d23fae0f59c2a87954fcce305b13e0ab97e2bfca8851bd6163199f3c18f80b0a6bfcb3ade8c83f274c3f51
SSDEEP

96:nEY2RrF1eqwi4Od96IAHs7+abC8fl0vKj+QTJi4xzOMLjv1:EHRh1eppOD6Ip7+abhfyKKQNiqzZ

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4600 wrote to memory of 116	4600	rundll32.exe	83
PID 4600 wrote to memory of 116	4600	rundll32.exe	83
PID 4600 wrote to memory of 116	4600	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\50468fce3f8b3832e548c30333c8cc50_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4600
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\50468fce3f8b3832e548c30333c8cc50_NeikiAnalytics.dll,#1
  2⤵
  PID:116