Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
22-05-2024 22:52
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
5118d6d7cfaeda5be142af8581348270_NeikiAnalytics.dll
Resource
win7-20231129-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
5118d6d7cfaeda5be142af8581348270_NeikiAnalytics.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
5118d6d7cfaeda5be142af8581348270_NeikiAnalytics.dll
-
Size
1.3MB
-
MD5
5118d6d7cfaeda5be142af8581348270
-
SHA1
c56d1b1c6f0512a906bf87079a219e174324d386
-
SHA256
c2e56ea4f5d803722159f2472a46421c277060ba04bd20fe74881aff1207b7a8
-
SHA512
08eacee3699f3969e64346e17ba5fc4c3fd690493cd576805e4811197622e1f86c5b5eca9d767692dec3c50ca5deb826ec0d4919f985f69dcc4aa9a0b7f5ac9a
-
SSDEEP
24576:5QaW9LCbp4Xv1A4fBC3cZP45oSltU8118v/6wE:5QaW9eiP0MZAhnUm18H6T
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 624 wrote to memory of 2224 | 624 | rundll32.exe | WerFault.exe
PID 624 wrote to memory of 2224 | 624 | rundll32.exe | WerFault.exe
PID 624 wrote to memory of 2224 | 624 | rundll32.exe | WerFault.exe