Overview

overview

7

Static

static

3

e9fb11042c...cs.exe

windows7-x64

7

e9fb11042c...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/05/2024, 11:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e9fb11042cad0531d5c4deb036c04040_NeikiAnalytics.exe

  • Size

    74KB

  • MD5

    e9fb11042cad0531d5c4deb036c04040

  • SHA1

    a0a7804492c4ec2e122bb914f6622c522578c62f

  • SHA256

    5acec0828e1fcee746a2373cb0b5ddb9bcd63a92eb2f548b82e9a0143bfe1a2a

  • SHA512

    214c43708ae1d7076aaff4e68a8f8c600f2b3459dd015871eb7ad785c56b9f0613afebe6f917975ede0255fae2aa71e4f7a5ae1ed80867f9b185d3ca7f106e37

  • SSDEEP

    1536:1K7ylw2jlA6WBRCJKObnTNBbJ6I4WMJvdDlQDhI5erKT3FgP:c7H6rbTNSImvplQVIQ0gP

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e9fb11042cad0531d5c4deb036c04040_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\e9fb11042cad0531d5c4deb036c04040_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:1184
    • C:\Windows\SysWOW64\eannokac.exe
      "C:\Windows\SysWOW64\eannokac.exe"
      2⤵
      • Executes dropped EXE
      PID:4764
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4828 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2568

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Windows\SysWOW64\eannokac.exe
            Filesize

            70KB

            MD5

            afbdd32522f6e2b191f855a87f7e6b73

            SHA1

            a6dfe9e0a1610a8381f5368443e1a1dda6935cf7

            SHA256

            272a608635a0e82cec67816d1d51698c68d5496c87cbd82f4aa5fa08e0ca61cf

            SHA512

            87475cfeb8a511e4e35a25e379e8f5b959dc27e5bdd2598400b9d38827460a20301a3ef010d151f5b367481a11f44df28789b8c06f7d89df3a7fd2855f9eed77

            Download Submit

          • memory/1184-0-0x0000000077832000-0x0000000077833000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1184-4-0x0000000000400000-0x0000000000403000-memory.dmp

            Filesize

            12KB

            Download