Overview

overview

7

Static

static

3

ada204b7f0...cs.exe

windows7-x64

7

ada204b7f0...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-05-2024 04:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ada204b7f04507cd50bbdf642f218df0_NeikiAnalytics.exe

  • Size

    192KB

  • MD5

    ada204b7f04507cd50bbdf642f218df0

  • SHA1

    98868ed7b997b836a02d7182809370769aa31a3a

  • SHA256

    8dadee51fd1ed921c4abaa51c9f76fa73089bb0386f5280e7377e6d63ba90c58

  • SHA512

    8ae031a3d4caee314d2e0ee3d5f136710d2c8cab472dbbedd750d79d7fd2c4ec0a006ad01d16bc22960cd6e42524655f5fd02b90f02ca131041637c0d6cf5d43

  • SSDEEP

    3072:YOlXrt8+Mr3C0SSCZmvAsRCvoUneBx5Wjn/biv5Wa1jRTPdCYroJWcgb+sKGE8Ep:jTcy4vAgh4L2Vc3uS1NIDEqZq

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ada204b7f04507cd50bbdf642f218df0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ada204b7f04507cd50bbdf642f218df0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Users\Admin\AppData\Local\Temp\ada204b7f04507cd50bbdf642f218df0_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\ada204b7f04507cd50bbdf642f218df0_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ada204b7f04507cd50bbdf642f218df0_NeikiAnalytics.exe
    Filesize

    192KB

    MD5

    1c734a1e5527cd3e51c3edface48d5b9

    SHA1

    ce84c812d1cc75530883849eab1da39b5d15e68e

    SHA256

    aa952714c314301494af164715c99e7874541fb83ba4789bb4ce8905a7830418

    SHA512

    2e4e14c253e5036e55962d1772f5c28bfaf5df73b2895c0d6fd98e8f9a4b26aca028ac38d1fad9c74df69f8a7f00ee2ca8fdd28b3f77d353fd6eca2c148c36a4

    Download Submit

  • memory/2020-0-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2020-10-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2252-11-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2252-17-0x0000000000130000-0x0000000000168000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2252-12-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download