74e7eba7689948122d89261bdb8c80057d1823a1c6148bbd7b36d7392462e666

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 23:32

Target

588a272f4b23c9e7c571999f4afe0490_NeikiAnalytics.dll
Size

5KB
MD5

588a272f4b23c9e7c571999f4afe0490
SHA1

02e94cf07d7c7ded02abe35cdc1ff8df9faa1c4e
SHA256

74e7eba7689948122d89261bdb8c80057d1823a1c6148bbd7b36d7392462e666
SHA512

e1b12c07d44ffe48f36c37b27ce75177645ddabd81a2d4a9a5d58b5fbdfda240885915badf84eff61195cee0e04cff4da99b39bf1c207df5adfd935a7342d6ab
SSDEEP

48:CCy86+Wet9Q/iooHeiefhe+/lSMYEq2XCsV+xZtkflyOL8IqrGoa7+aWbBuPbL1:hy859x0P8MaDsVrfly281GQJbAbL1

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe
PID 2812 wrote to memory of 2204	2812	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\588a272f4b23c9e7c571999f4afe0490_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2812

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\588a272f4b23c9e7c571999f4afe0490_NeikiAnalytics.dll,#1
2⤵
PID:2204