47d1185a0b0f44c98abeaa4ad7b5a89f4b4688a16859fd8b7d3e9286143e3ee8

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
17/05/2024, 03:07

Target

93b04a96316a5f483ed72e620348c5b0_NeikiAnalytics.exe
Size

74KB
MD5

93b04a96316a5f483ed72e620348c5b0
SHA1

c5ae5ec9140d1cc78a1e8dd1f48822a6272ddcd9
SHA256

47d1185a0b0f44c98abeaa4ad7b5a89f4b4688a16859fd8b7d3e9286143e3ee8
SHA512

74c5d939b15a8ef47add4151b5c076d2e0ee3470d0e66d15ca88cbd21d5f5f8d36b98e9bad931912b52e55c8dc7264d4d8898b1695ad4404ea16450b77368b6b
SSDEEP

1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253u2xI:uF+LCofRLCgxSzXo8CgpIo53u2a

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2052	oumnoguk-amix.exe

Loads dropped DLL 1 IoCs

pid	Process
2912	93b04a96316a5f483ed72e620348c5b0_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\oumnoguk-amix.exe	93b04a96316a5f483ed72e620348c5b0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\oumnoguk-amix.exe	93b04a96316a5f483ed72e620348c5b0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\93b04a96316a5f483ed72e620348c5b0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\93b04a96316a5f483ed72e620348c5b0_NeikiAnalytics.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:2912
- C:\Windows\SysWOW64\oumnoguk-amix.exe
  "C:\Windows\SysWOW64\oumnoguk-amix.exe"
  2⤵
  - Executes dropped EXE
  PID:2052

\Windows\SysWOW64\oumnoguk-amix.exe

Filesize
70KB

MD5
86d79c7e41f18d07c98a96a30ba4ad65

SHA1
6beb3f330c03fdab41d3c9d2bbcbab2b3466d7e3

SHA256
efda24e0843475ccc2cb63eace2ca84a5c7896ea14359224b13b1e916493fff1

SHA512
61d0ca5c84e0df7f9eb477916a88a5862ae83253099ed9fbc8f52581fe14270124fa5c903a4fa5adf8a19c94c20513d5f2e498ca1f5f4538d7c4f9de575fbeb0

Download Submit
memory/2912-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download