8e5fc735c95c1b98911069a893fb23f6e25347d927e5576201bd005a41ee7153 | Triage

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 23:20

Sharing

Report Analysis Logs

General

Target

561cb50fcbaac6aaa9ec5bc8e8c41740_NeikiAnalytics.exe
Size

153KB
MD5

561cb50fcbaac6aaa9ec5bc8e8c41740
SHA1

30f1997c7936e66a4b22810af97331dc0195e0b3
SHA256

8e5fc735c95c1b98911069a893fb23f6e25347d927e5576201bd005a41ee7153
SHA512

3373e516ed4a791a37d9438c9fb10b53cad80f0f4355cf2184f228ee92d66d36ca9123ea0b1f0959fbadcde6b9544281c814a744eb107575aa87927cbba44190
SSDEEP

3072:NMBAsVfAdCDV6AzAlmgFvYGnJd6KpZV3uTN9WU/G9h3Gw590Kqk:NcVVfA0QAPgFvYGJd6KpZV3uTN9WU/Gs

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\561cb50fcbaac6aaa9ec5bc8e8c41740_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\561cb50fcbaac6aaa9ec5bc8e8c41740_NeikiAnalytics.exe"
1⤵
PID:2716

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2716-0-0x000007FEF616E000-0x000007FEF616F000-memory.dmp

Filesize
4KB

Download
memory/2716-1-0x000007FEF5EB0000-0x000007FEF684D000-memory.dmp

Filesize
9.6MB

Download
memory/2716-2-0x000007FEF5EB0000-0x000007FEF684D000-memory.dmp

Filesize
9.6MB

Download
memory/2716-3-0x000007FEF5EB0000-0x000007FEF684D000-memory.dmp

Filesize
9.6MB

Download
memory/2716-4-0x000007FEF5EB0000-0x000007FEF684D000-memory.dmp

Filesize
9.6MB

Download