Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 22-05-2024 23:56
Behavioral task: behavioral1
Sample: 5d08a30dfce14bd5c7b83ceb85b6f120_NeikiAnalytics.pdf
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 5d08a30dfce14bd5c7b83ceb85b6f120_NeikiAnalytics.pdf
Resource: win10v2004-20240426-en
General
Target: 5d08a30dfce14bd5c7b83ceb85b6f120_NeikiAnalytics.pdf
Size: 122KB
MD5: 5d08a30dfce14bd5c7b83ceb85b6f120
SHA1: d5024765373b592bb6ca162a1d055c6a704a8b8b
SHA256: 27fa6e52ff38e87372c0daaa64edf9af00bd3e62cc316f79daa128470c7d68b0
SHA512: 6d17d4cde5d7581d1d7662e31492e6a859ce2a3b2da8a101ebe43476765c629e2e5bde10114e8ffbd58db275985ff4b69e2e7b93fe0b15c3e85cba823fd08df6
SSDEEP: 3072:WKxxMiwrcLZDTg1E7dEQCkCiqNJRDQwjwFx24GFVbP9I3TFST7n:dxxBw4lDTYEpEQ3CiqxF0z24g3IsL
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid   process
1248  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid   process
1248  AcroRd32.exe
1248  AcroRd32.exe
1248  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5d08a30dfce14bd5c7b83ceb85b6f120_NeikiAnalytics.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: da9dc6d3659a110d6d80dbbff162588f
SHA1: 26b4f1a65895f3052275d9eebc23feaeffa8604f
SHA256: a24ae75cff705e24b013f0d810721be5066e0b41869efb32452952c2bd71092d
SHA512: d2f682dd14f121aa63708abb88e887ef1e07f3b07e7b91da8eeadbf4e1d522ccb1f101fa2d9f8c36e147d9270796737afa9f8648a537c05dba6cf2d1bf9ade25