19a3d315d55cc90eeeda1fe19840559e7d739ed79755443e3c55efa909b37329

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 00:54

Target

669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe
Size

74KB
MD5

669ed36181e50775dcbdfe4822306160
SHA1

efeb4041bf023168561956cdb92c6f43b5cbef96
SHA256

19a3d315d55cc90eeeda1fe19840559e7d739ed79755443e3c55efa909b37329
SHA512

0f09b8af6576aced7b83f1aac71f17ec915d3101e4e174817563a5b9160ebd346a2058df277b75f01dba52042281ceb7a5284be7f8d485bc474575779363ef06
SSDEEP

1536:1l52iwhqb1tqObPvZkcUbSpx7/wteyNjM:P0PhqZ/TvZtYSXceKA

Score

7^/10

Executes dropped EXE 1 IoCs

Processes:

axgobux.exe

pid process

2408 axgobux.exe
Loads dropped DLL 1 IoCs

Processes:

669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe

pid process

1200 669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe

pid	process
2408	axgobux.exe

pid	process
1200	669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

Processes:

669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe

description	ioc	process
File opened for modification	C:\Windows\SysWOW64\axgobux.exe	669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\axgobux.exe	669ed36181e50775dcbdfe4822306160_NeikiAnalytics.exe

C:\Windows\SysWOW64\axgobux.exe
"C:\Windows\SysWOW64\axgobux.exe"
2⤵
- Executes dropped EXE
PID:2408

\Windows\SysWOW64\axgobux.exe

Filesize
71KB

MD5
ab4cd84ffc17f1704f7bcbfe822a4741

SHA1
5d9d976555e4c98dd66a7b9381ac9eeee3a63d41

SHA256
eb52d2d13f14e908726bad254646841dde2a7b514445e674ec37829bfa5f8fdc

SHA512
eadaea60be2ac16424f5f19744ba061fcaf3e7d9a979be3c927fc9da619f6f464056be094a2c9fc754be964ef318dee0a1f35b7378e851bb57206e31b8f3bbde

Download Submit
memory/1200-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download