Overview

overview

7

Static

static

3

15a90d77ab...cs.exe

windows7-x64

7

15a90d77ab...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15a90d77abd19193cb55cdb423f44130_NeikiAnalytics.exe

  • Size

    73KB

  • MD5

    15a90d77abd19193cb55cdb423f44130

  • SHA1

    34ee4ee98259cbfad3473cfd6bd980c8fe0ec466

  • SHA256

    d4c6e234d6138951e53dd7ae869622516910b525dd5552b8f3a07c122eda7ba4

  • SHA512

    bf809fd154fb97ff75d04845c0566967ebd34c519fa3931c3bff15f467dcc8902d0c55dd4063467895cde5762dc579b5d2d575e870e70cdc4da09230043d37f7

  • SSDEEP

    768:hZZ6Zyf9TSp3UZvTslPBTEsEaYERSb7B/qm99dV3aTb5shzebLQ/Ud7WK/mS+SAU:17R6Pxu3Vqk9qTbWRe3b9eS+SRo7MZr

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15a90d77abd19193cb55cdb423f44130_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\15a90d77abd19193cb55cdb423f44130_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:2304
    • C:\Windows\SysWOW64\ilcatah.exe
      "C:\Windows\SysWOW64\ilcatah.exe"
      2⤵
      • Executes dropped EXE
      PID:5032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\ilcatah.exe
    Filesize

    70KB

    MD5

    e4c9f07f0745d7ce23e1c0009b62e495

    SHA1

    28f1a57a74fd681fd85270143c8e96dc39b5d9a6

    SHA256

    815c2763b35a95367c4ac1040515eb572248cf7cf4023a3597bd69b2a95235d8

    SHA512

    602492341ccd8a2ff1366c0ffa432042eff288574850ecab42647c44617c3161acb3b6523ba7d2329ae47da184a6691b9dd944a449a171e496d4f0c631bfcb63

    Download Submit

  • memory/2304-3-0x00000000776D2000-0x00000000776D3000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2304-4-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download