Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
23-05-2024 00:54
General
-
Target
6685aad7f4449e1621050ce30e304060_NeikiAnalytics.exe
-
Size
1.6MB
-
MD5
6685aad7f4449e1621050ce30e304060
-
SHA1
6c9087b62f4730628019ee8a5f01259b33d01c42
-
SHA256
0540d78958f02f977a97b074c9bba97c9f2d6f6379494c6238db6dca09185f20
-
SHA512
8d2d1d4a37f200080c3dd5df870118ce33713f3da420e1fee17016b99351ef8327b60cdf076519edb2e13dcb192d6ed6db1c4200da313937a125212796d0caa6
-
SSDEEP
49152:llb7777777777777777777777777777777777777777777777IVFnVFnVFnVFnV9:llc3n3n3n3n3n3n3n3n3n3n3n3n3n3nv
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
UPX packed file 3 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\6685aad7f4449e1621050ce30e304060_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\6685aad7f4449e1621050ce30e304060_NeikiAnalytics.exe"1⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\svrwsc.exeC:\Windows\SysWOW64\svrwsc.exe1⤵
- Executes dropped EXE
- Drops file in System32 directory
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Windows\SysWOW64\svrwsc.exeFilesize
1.9MB
MD5bd3cc942199d3d5cf2f36703f87d2a86
SHA1562376f653f183da7f3f2e63b91b3cde1c8630b6
SHA2567d7d1f7a26e95a369f93ed03afc0f9a9e1591c0d9c19eef3b62deed95487112e
SHA51257d6e1cdea0e70e195e0a7916a74f87dca9bc431a677c0a6cdc71b6145cdb2db9b873beeb3620878ffd3868d8b2ae70c6ad2d30b8ea249cd7ab90b3b83454b26
-
memory/3012-0-0x0000000000400000-0x000000000042A000-memory.dmpFilesize
168KB
-
memory/3012-3-0x0000000000400000-0x000000000042A000-memory.dmpFilesize
168KB
-
memory/3012-1-0x00000000003B0000-0x00000000003B5000-memory.dmpFilesize
20KB
-
memory/3020-5-0x0000000000400000-0x000000000042A000-memory.dmpFilesize
168KB
-
memory/3020-7-0x0000000000400000-0x000000000042A000-memory.dmpFilesize
168KB