Overview

overview

7

Static

static

7

4b0f82056e...cs.exe

windows7-x64

7

4b0f82056e...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 22:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4b0f82056e09b6875b8d6195b2808a20_NeikiAnalytics.exe

  • Size

    3.5MB

  • MD5

    4b0f82056e09b6875b8d6195b2808a20

  • SHA1

    46b5679b02b66c43a73300f8c74f1181716064d7

  • SHA256

    8bc6f3ea946eb094a8468879e0507f8d3a084b2d05fd5ea0e5b1470ae866fb0f

  • SHA512

    bcc9854eccb0f4cbdb3331c8e8018e671188da9c08ec127c2878295239ab4f8daa44920497a80c187d178c05b7f60dc1fddd130fdae17e0c773c83172a9506f5

  • SSDEEP

    98304:llAzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz+:lazzzzzzzzzzzzzzzzzzzzzzzzzzzzzG

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4b0f82056e09b6875b8d6195b2808a20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4b0f82056e09b6875b8d6195b2808a20_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:2332
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:1028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    3.9MB

    MD5

    65a5e51561bae6b61e4d697ffecdd946

    SHA1

    94cd266d35d47b6c12778743c389c6a639f6cd7e

    SHA256

    55465b976c7b35542bf3dc09f90908aca472fd67714b029c210ed3ccb81a1e04

    SHA512

    ef6b3b67545c4008e4e06c073f40e75997566bdeee0ac0f4c75e0ef1ab4d69a0cb4877f731822dc410674c2bf17e8afc9b412faf1c28a38abf49cdfb3ae41534

    Download Submit

  • memory/1028-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/1028-6-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2332-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2332-2-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2332-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2332-7-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download