Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    20-05-2024 03:36

General

  • Target

    a20346873970849fe2f2a92f27a49d10_NeikiAnalytics.exe

  • Size

    4.6MB

  • MD5

    a20346873970849fe2f2a92f27a49d10

  • SHA1

    cfe413d0c4c7f5bb2d28a055f8763eb9b1033637

  • SHA256

    72d808ae03c9ef71daaf4e8c86d9d39127f211c1760e18848511d96fbc137213

  • SHA512

    05137e5b14e158fc68f06ad1b708f12c44c1117f60be13127b7271bd4ef7e27520f365c918dbc44c5d51b6ea88f4686d459068f0579c10879e37f28150ba2917

  • SSDEEP

    49152:l3Mlyy9gmGZyC6c8KPFQ3PgbRRdXVWCsVb6KUpZ+hDg1F2d63muLrYAGV5G0ROy:+lyhmGZyC6cDPFttXV5SbWf+YFCmwR

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a20346873970849fe2f2a92f27a49d10_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a20346873970849fe2f2a92f27a49d10_NeikiAnalytics.exe"
    • Drops desktop.ini file(s)
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:4696

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4696-0-0x0000000002850000-0x0000000002851000-memory.dmp

    Filesize

    4KB

  • memory/4696-2-0x0000000002870000-0x0000000002871000-memory.dmp

    Filesize

    4KB

  • memory/4696-3-0x0000000002860000-0x0000000002861000-memory.dmp

    Filesize

    4KB

  • memory/4696-1-0x0000000002840000-0x0000000002841000-memory.dmp

    Filesize

    4KB