cc9441f329edd94766f0e9183e667f0046fd4c80f90ec1d04aed6a34ad6d3bea

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 20:37

Target

3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe
Size

73KB
MD5

3601cb35a184c204a1c89500e87921f0
SHA1

8946323bed68826c6d13d8fdc3fc069348587a07
SHA256

cc9441f329edd94766f0e9183e667f0046fd4c80f90ec1d04aed6a34ad6d3bea
SHA512

4275b7212b8384fd38d960f5d5ed2a752d6a246e385befea11c6aef00ae48ca5b6dc35f147807c34e93d675e23b0c2791db20f51382427e72bd2babaf68fb8ff
SSDEEP

1536:1d80j8XBulvaVEm+odQpNjoCj2HileSpnt7xQaZUnCZgKQQW:X8qD96xdKoCj2HioSpnt7xQaZUPQW

Score

7^/10

Executes dropped EXE 1 IoCs

Processes:

ourgocoov.exe

pid process

2508 ourgocoov.exe

pid	process
2508	ourgocoov.exe

Drops file in System32 directory 2 IoCs

Processes:

3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\SysWOW64\ourgocoov.exe	3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe
File opened for modification	C:\Windows\SysWOW64\ourgocoov.exe	3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3601cb35a184c204a1c89500e87921f0_NeikiAnalytics.exe"
1⤵
- Drops file in System32 directory
PID:4776

C:\Windows\SysWOW64\ourgocoov.exe
"C:\Windows\SysWOW64\ourgocoov.exe"
2⤵
- Executes dropped EXE
PID:2508

C:\Windows\SysWOW64\ourgocoov.exe

Filesize
70KB

MD5
1b5f85d67123e06e718b0c079eafff6f

SHA1
2debd0bdd4f457740765174086d8315120f11639

SHA256
66b8b5db4b1171e2689d006f36cbcf869d90c25f5439f7c5fa4175c9ec04c461

SHA512
ae11f89c349afc38a9c1df4a7959446304cd33d481b3062c852dc37c2e7963bdb3d8a28f65e88c0dc14b4e668018d74eda023972e3273c1056126a56364a2791

Download Submit
memory/4776-3-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download