Overview

overview

7

Static

static

3

e30638120c...cs.exe

windows7-x64

7

e30638120c...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    130s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/05/2024, 15:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e30638120c8b38d498d8976074885f90_NeikiAnalytics.exe

  • Size

    74KB

  • MD5

    e30638120c8b38d498d8976074885f90

  • SHA1

    5295bc5373ba9f04320a80eb9d1baab80c6d223f

  • SHA256

    233e38e21fe2e99dc1b7a0dcb3e72dea541f9476670afd1b29378541097bd320

  • SHA512

    748b07002794ed63f20ed3154172c21b7fde3cdd9351b16efbea63be304cfd1019f09286119869a78685c152f32513ee680598c971691e5af9fa7c22adf317d7

  • SSDEEP

    1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253u2D+vm1:uF+LCofRLCgxSzXo8CgpIo53u2D+q

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e30638120c8b38d498d8976074885f90_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\e30638120c8b38d498d8976074885f90_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:3312
    • C:\Windows\SysWOW64\ahroasot.exe
      "C:\Windows\SysWOW64\ahroasot.exe"
      2⤵
      • Executes dropped EXE
      PID:2600

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\ahroasot.exe
          Filesize

          70KB

          MD5

          dbd27cf9afac929ef61fc998ce1c1bbe

          SHA1

          1c2bf47e13164fe13a1d9763f605c874332ae37b

          SHA256

          d9e9c291d07ba7bf6d0bf7fe6fd5622c79c08a19a1fe7d61f9b376bcee67caf2

          SHA512

          bfc01d77289e90acfb78ed12fd3163fbf441b11aaa47805acb37e09d0e205f047357d46084331a4bfe0e1e88ff6eeb5adc4b4fe54f912565bc6c97c72f5b90cf

          Download Submit

        • memory/3312-3-0x0000000000400000-0x0000000000403000-memory.dmp

          Filesize

          12KB

          Download