Analysis
max time kernel: 120s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 21-05-2024 19:29
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
07ee11ce0ee5d362fce109840ec0ef80_NeikiAnalytics.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
07ee11ce0ee5d362fce109840ec0ef80_NeikiAnalytics.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
0 signatures
150 seconds
General
Target: 07ee11ce0ee5d362fce109840ec0ef80_NeikiAnalytics.dll
Size: 553KB
MD5: 07ee11ce0ee5d362fce109840ec0ef80
SHA1: 481f3e39a14dcc01f0f08d5050674faa201dda4f
SHA256: 59b57840509b46cef835fce3c7c8bce2df7e5611cd17b2681a2da94badde3c20
SHA512: 126f16ecc281fa236570ba156a83cfd0d06d9d9a0b088afc0c4c1ee93c02a8602b766d90de5a79b1fcb6db30c1b9e66d839f4f558698826c6fd82c8478a79e17
SSDEEP: 6144:dzHUOkvi+1y5WzAsMH3dZXgKNCBl5Qems9o:dzHWit5rzjN0l5Fms+
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory: 3 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 1500 wrote to memory of 2276 | 1500 | rundll32.exe | WerFault.exe
PID 1500 wrote to memory of 2276 | 1500 | rundll32.exe | WerFault.exe
PID 1500 wrote to memory of 2276 | 1500 | rundll32.exe | WerFault.exe