Overview

overview

7

Static

static

3

165787fb4d...cs.exe

windows7-x64

7

165787fb4d...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    16-05-2024 19:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    165787fb4d229ea6e0f82590e48c77b0_NeikiAnalytics.exe

  • Size

    203KB

  • MD5

    165787fb4d229ea6e0f82590e48c77b0

  • SHA1

    8ad128e893bd82b36c5df9644645e39e5ec27e27

  • SHA256

    31774443c56fb79367a50b25b822e0426e90ddd2143f272b156bd173c11429b4

  • SHA512

    fe353b25e1fb6b79343c0fc16c936a734f40cbd0b340b99091181e88164cbaa67f533e62d77bf6b943e1079fe033dc5094daab726e18535d21f7d6e1a9762cb1

  • SSDEEP

    3072:nA9pKbOfsyzImo0wYz0Un/yfBNe/ZHl52qqNoXf6+1hyeYs/4lEJGMsget:nupKaEyzIR0wYravE5ZqNay+1pYsvsZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\165787fb4d229ea6e0f82590e48c77b0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\165787fb4d229ea6e0f82590e48c77b0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Users\Admin\AppData\Local\Temp\165787fb4d229ea6e0f82590e48c77b0_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\165787fb4d229ea6e0f82590e48c77b0_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\165787fb4d229ea6e0f82590e48c77b0_NeikiAnalytics.exe
    Filesize

    203KB

    MD5

    54920089bb0d5ee7c216f8438c5412a1

    SHA1

    ec5b10b9390ba169a248cd7e6a47d00f04e40ee3

    SHA256

    72aacb3bd17d83cb4161efb29b6dfe60351347f0799bfded5a9f05db66ad1f61

    SHA512

    21e5a83ce87468f71269712fba44c6b646f3ba8e5054e4fd783da0d9e4d8e9dfb23968c98d1e69e09202f80130295ea37f9cc0af03eaaf52dc20b160594fe8ee

    Download Submit

  • memory/2284-16-0x0000000000130000-0x000000000016E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2284-11-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2792-0-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2792-6-0x0000000000130000-0x000000000016E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2792-10-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download