Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    22-05-2024 20:48

General

  • Target

    382f1422d0d62efc64ce591da58bc6f0_NeikiAnalytics.exe

  • Size

    663KB

  • MD5

    382f1422d0d62efc64ce591da58bc6f0

  • SHA1

    d348f4f5a6be2f23cc7f459b7152d8a78b71a920

  • SHA256

    7e5f30c36d7959de20bd0eac9f2673df7f6ea47981eeb5bca35fa85f9326c11e

  • SHA512

    72c1d197c2b2c844603af68ee0f0569acc0535e698021a1988514696a612b78639eedc7e6e6a1792630da491b2f02c3b0862b434d622503f758e67619b73a489

  • SSDEEP

    12288:92Ae691B+wYllPxUnAMSeJkIFbZa1QrXBjRHR8vGLGB42DxAi05nSgdo:UE91BDqlPanAMSeJBa1QjtZRLb2DR05s

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\382f1422d0d62efc64ce591da58bc6f0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\382f1422d0d62efc64ce591da58bc6f0_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2412

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2412-0-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

  • memory/2412-1-0x00000000002C0000-0x0000000000327000-memory.dmp

    Filesize

    412KB

  • memory/2412-6-0x00000000002C0000-0x0000000000327000-memory.dmp

    Filesize

    412KB

  • memory/2412-10-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB