Overview

overview

7

Static

static

3

3601cb35a1...cs.exe

windows7-x64

7

3601cb35a1...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 20:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe

  • Size

    73KB

  • MD5

    3601cb35a184c204a1c89500e87921f0

  • SHA1

    8946323bed68826c6d13d8fdc3fc069348587a07

  • SHA256

    cc9441f329edd94766f0e9183e667f0046fd4c80f90ec1d04aed6a34ad6d3bea

  • SHA512

    4275b7212b8384fd38d960f5d5ed2a752d6a246e385befea11c6aef00ae48ca5b6dc35f147807c34e93d675e23b0c2791db20f51382427e72bd2babaf68fb8ff

  • SSDEEP

    1536:1d80j8XBulvaVEm+odQpNjoCj2HileSpnt7xQaZUnCZgKQQW:X8qD96xdKoCj2HioSpnt7xQaZUPQW

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    PID:2820
    • C:\Windows\SysWOW64\ourgocoov.exe
      "C:\Windows\SysWOW64\ourgocoov.exe"
      2⤵
      • Executes dropped EXE
      PID:2632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\SysWOW64\ourgocoov.exe
    Filesize

    70KB

    MD5

    1b5f85d67123e06e718b0c079eafff6f

    SHA1

    2debd0bdd4f457740765174086d8315120f11639

    SHA256

    66b8b5db4b1171e2689d006f36cbcf869d90c25f5439f7c5fa4175c9ec04c461

    SHA512

    ae11f89c349afc38a9c1df4a7959446304cd33d481b3062c852dc37c2e7963bdb3d8a28f65e88c0dc14b4e668018d74eda023972e3273c1056126a56364a2791

    Download Submit
  • memory/2820-5-0x0000000000400000-0x0000000000403000-memory.dmp
    Filesize

    12KB

    Download