34d0e19ba1320e27a688d1037ee51173deaaff40b17040ebaab36bc40a033fc6

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16/05/2024, 08:37

Target

ca8d7f159b4b8e94f112ce5a76773c10_NeikiAnalytics.exe
Size

73KB
MD5

ca8d7f159b4b8e94f112ce5a76773c10
SHA1

8530ebdb94286aba8bdfe02f6448ba2c087b6884
SHA256

34d0e19ba1320e27a688d1037ee51173deaaff40b17040ebaab36bc40a033fc6
SHA512

2b734a19727029493f9528a75cc1afa5e341e3dafb6fbe768529471476e58afd2df28563d1b7f3ca48896a20628f021ba33724334921ebcbdbda2ae614b219ce
SSDEEP

1536:1v1Po/bQ+2Ovwd7o7mUj2JB1I32MZ1Rb/NW/Cxjtme1MeLt:t1PoTQ+2Ovwd7o7m02z1I32MnRzqIf15

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2940	pvucip.exe

Loads dropped DLL 1 IoCs

pid	Process
2156	ca8d7f159b4b8e94f112ce5a76773c10_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\pvucip.exe	ca8d7f159b4b8e94f112ce5a76773c10_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\pvucip.exe	ca8d7f159b4b8e94f112ce5a76773c10_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\ca8d7f159b4b8e94f112ce5a76773c10_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\ca8d7f159b4b8e94f112ce5a76773c10_NeikiAnalytics.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:2156
- C:\Windows\SysWOW64\pvucip.exe
  "C:\Windows\SysWOW64\pvucip.exe"
  2⤵
  - Executes dropped EXE
  PID:2940

\Windows\SysWOW64\pvucip.exe

Filesize
70KB

MD5
67d58c36a962d031259d24719e2e44f2

SHA1
3951a2e450ed76fff161c993dd96b91c3d8fa88e

SHA256
ea3faf4365334779ac506e2f47474666957c835b39776717196c7a62cfba1542

SHA512
f1e40e1796bd35a99a8a1fd3dd4ce90abcbb43c2aabae7f2bbd72f6ad691e9b7d4cde1d9057aaef93ca358fde9cafe1cbe57635eba72784f1c94bba13b83c3d7

Download Submit
memory/2156-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download