Overview

overview

7

Static

static

3

c848023be0...cs.exe

windows7-x64

7

c848023be0...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20/05/2024, 06:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c848023be08a1cad23c820226d57a360_NeikiAnalytics.exe

  • Size

    1.8MB

  • MD5

    c848023be08a1cad23c820226d57a360

  • SHA1

    576a616dc3515bace683666c5beceafa294c2890

  • SHA256

    f57be29f6b67d869446bb10134617129bdd4e913a7a6d80fe73ac239df466ab0

  • SHA512

    9046027e37d74d2cfb968b7abece2b213dfbf3383c8c32a1a15e091f87491eb5fc3644214f69e992832de6512b1707699e7eda0060b450abf31f45ac0fc62e02

  • SSDEEP

    24576:GsjRR+B5+h+Y6lMfdxiMoEPkS4mntIllq+zNDzrqTnJhTz+n6z1GCS1b:GsAaSSTl9tIhqTnTTz+n6zQf9

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c848023be08a1cad23c820226d57a360_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\c848023be08a1cad23c820226d57a360_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1924

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\apmB08.tmp
          Filesize

          148KB

          MD5

          10a2f663fdc511fd52bfcfd0a8837549

          SHA1

          e3669af6eeb82c20b10245caa4974cb727b52bf0

          SHA256

          bd5f2e4ac7c2bea616fa60a50698b0d6d46a9456c08392a5c62c340d6f738eeb

          SHA512

          7e54bcce8f6813873db102f010431ad1ba83d554e9c368c598d428a1b8e6bc10f3622e559c0daa9d5b1740aa6fc08a5d97bc3f23217035b929a64b0399ce9830

          Download Submit

        • memory/1924-1-0x00000000001C0000-0x00000000001C1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1924-4-0x0000000010000000-0x0000000010081000-memory.dmp

          Filesize

          516KB

          Download

        • memory/1924-5-0x0000000000400000-0x0000000000609000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1924-9-0x00000000001C0000-0x00000000001C1000-memory.dmp

          Filesize

          4KB

          Download