Overview

overview

7

Static

static

3

1f5194f949...cs.exe

windows7-x64

7

1f5194f949...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/05/2024, 19:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1f5194f949308e4d933d5bf50f42df00_NeikiAnalytics.exe

  • Size

    73KB

  • MD5

    1f5194f949308e4d933d5bf50f42df00

  • SHA1

    246759f7008b0d3b2ab7bf097cf237f9b3116d35

  • SHA256

    c1459820ee2a7974565c2fd8893603e574ab19e903ebf8c04c7c896828c50db6

  • SHA512

    0afc66ddadc12d8ce5f08e8e5c4f9b8f6003077eeddfaa4763bf72346114bd77767b3ddb1d84625ff57723cc653d3f5cfe16303b35867d8aacb8697ada8f8fad

  • SSDEEP

    768:hZZ6Zyf9SDcnZARkcr07JP9Xdg7SV5bWNy1IMakG98N+hayyyOHoW5iKTNGNXft8:1gDcIJ0JlXuGEUaWMnHcJOVkr1B

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1f5194f949308e4d933d5bf50f42df00_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1f5194f949308e4d933d5bf50f42df00_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:3940
    • C:\Windows\SysWOW64\axpoobug.exe
      "C:\Windows\SysWOW64\axpoobug.exe"
      2⤵
      • Executes dropped EXE
      PID:4492

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\axpoobug.exe
          Filesize

          70KB

          MD5

          4b31868e57b1ec0bbf58a6bedac80e7c

          SHA1

          a8a3572ebe1f0b927c1279e1478a2c41f48ef3ca

          SHA256

          4b1850dea2c1581205b509c0df45fd4f5bffae47fbbefa600caa6a5a9f0a5404

          SHA512

          31d3a9885315211d5b29e890c751d27ee3bf77811afc258ea6661eca6937bdc00a39dfdad2233241539eede0de9a0e5cd75e5f949daff4fb315927ecf0239880

          Download Submit

        • memory/3940-1-0x00000000773A2000-0x00000000773A3000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3940-4-0x0000000000400000-0x0000000000403000-memory.dmp

          Filesize

          12KB

          Download