75fab42ab3de16faa1284d07dc5eec3747e77ebe4d666f5fa1e1292fd337a46f

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
17-05-2024 00:46

Target

6cef84838f12f22c1d5ef0470cc75980_NeikiAnalytics.exe
Size

73KB
MD5

6cef84838f12f22c1d5ef0470cc75980
SHA1

7c38ede626d040cceef0c858bf2c0be82eac7b92
SHA256

75fab42ab3de16faa1284d07dc5eec3747e77ebe4d666f5fa1e1292fd337a46f
SHA512

c9541cadbcdce7a278aeab2baa96c521eafd60d4884f382973fd8c78a6014be2578106c96afa65efe76b4027346322b228ce09e0e934c5d8e37a5eeb3685105d
SSDEEP

1536:1K7QGVjigzirGfbTjJTASbe+04zwHSoMU3k0A8Boqr:yQG52rGfPjJTAD+048HS0k0A8Gqr

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
388	ealnapur.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\ealnapur.exe	6cef84838f12f22c1d5ef0470cc75980_NeikiAnalytics.exe
File opened for modification	C:\Windows\SysWOW64\ealnapur.exe	6cef84838f12f22c1d5ef0470cc75980_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\6cef84838f12f22c1d5ef0470cc75980_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\6cef84838f12f22c1d5ef0470cc75980_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:3180
- C:\Windows\SysWOW64\ealnapur.exe
  "C:\Windows\SysWOW64\ealnapur.exe"
  2⤵
  - Executes dropped EXE
  PID:388

C:\Windows\SysWOW64\ealnapur.exe

Filesize
70KB

MD5
4a2dbe275622d0491d5f3c33e9198a68

SHA1
f766b46de3b9bda3a82a8dc0bf562d95b2a0c1c8

SHA256
495a8abacaa5d2547b94e6ec3ee7c7071bac72966c4263781948d14f057778a3

SHA512
789f43eb5ece5c7263ba514899f15c5d3b87f95dd007abca27e5b6b9255cd3b8acdd51011e7fbde064fef039c8b2e6e12eb765b53ed253b9c8e6c52f27920e33

Download Submit
memory/3180-1-0x0000000077752000-0x0000000077753000-memory.dmp

Filesize
4KB

Download
memory/3180-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download