8e41cbef4e9ffa5ba5e273f7c9dc37f051dcf2b8c366912dee7c0b34faad3a46

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
16/05/2024, 04:51

Target

9cf0076e7839b20dfefb3c8aceed3f70_NeikiAnalytics.exe
Size

74KB
MD5

9cf0076e7839b20dfefb3c8aceed3f70
SHA1

6eb760c37ec58b03735bec9765428a6b8dc4e719
SHA256

8e41cbef4e9ffa5ba5e273f7c9dc37f051dcf2b8c366912dee7c0b34faad3a46
SHA512

4d6ea2bb14e2e2f786ee84260c4d66076a6cc5116a47a08e1c2cb02ddf39d610610b502de8b597a937473cb29ecf6cb0ed9c81ebf6e4598f5ef77c38ca123ffc
SSDEEP

1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253u2Du:uF+LCofRLCgxSzXo8CgpIo53u2Du

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
3036	avsibad.exe

Loads dropped DLL 1 IoCs

pid	Process
2360	9cf0076e7839b20dfefb3c8aceed3f70_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\avsibad.exe	9cf0076e7839b20dfefb3c8aceed3f70_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\avsibad.exe	9cf0076e7839b20dfefb3c8aceed3f70_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\9cf0076e7839b20dfefb3c8aceed3f70_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\9cf0076e7839b20dfefb3c8aceed3f70_NeikiAnalytics.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:2360
- C:\Windows\SysWOW64\avsibad.exe
  "C:\Windows\SysWOW64\avsibad.exe"
  2⤵
  - Executes dropped EXE
  PID:3036

\Windows\SysWOW64\avsibad.exe

Filesize
71KB

MD5
e3b585bb9a7e8cd35d7985d1825cfb31

SHA1
b1bec2b03737ee2f34bc87a864b46dc6c9187748

SHA256
6bddaf74ea125c9f33108173847fc639a1b146c751a0df191451f4b319075ba6

SHA512
d3aed5cb5b2c4822b1eee243f37637370bdfab692ca09902aef8da15a0971b99bafdcc78ac787703acb71a5d0a5d0d36d6d06f435ac73ade3f4f598d4505f8a4

Download Submit
memory/2360-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download