3e436dfbc3ce65faf1e026376f0c6143cbaec9a00e3e09acae784cb7ff480078

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 01:40

Target

6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe
Size

74KB
MD5

6f990b3ab0bddf540109d0682fc8d7f0
SHA1

d98385efc6ef67f1ab8116486352c9df378584b2
SHA256

3e436dfbc3ce65faf1e026376f0c6143cbaec9a00e3e09acae784cb7ff480078
SHA512

7589c7d8f20f1cbc90b403585afdf9213cb1217993d996e6050cebff94fa94b7c3c31dac43f6cc550639f809394ffc7926075ee3ad10fefc801f05a8b06588a2
SSDEEP

1536:1l52iwhqb1tqObPvZkcUbSpx7/wteyNjMyuLP:P0PhqZ/TvZtYSXceK4y2

Score

7^/10

Executes dropped EXE 1 IoCs

Processes:

eaxnovih.exe

pid process

2852 eaxnovih.exe
Loads dropped DLL 1 IoCs

Processes:

6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe

pid process

2028 6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe

pid	process
2852	eaxnovih.exe

pid	process
2028	6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

Processes:

6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe

description	ioc	process
File opened for modification	C:\Windows\SysWOW64\eaxnovih.exe	6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\eaxnovih.exe	6f990b3ab0bddf540109d0682fc8d7f0_NeikiAnalytics.exe

C:\Windows\SysWOW64\eaxnovih.exe
"C:\Windows\SysWOW64\eaxnovih.exe"
2⤵
- Executes dropped EXE
PID:2852

\Windows\SysWOW64\eaxnovih.exe

Filesize
70KB

MD5
0c06d6eea54b3481ad4591fba07ea1a7

SHA1
d795eda20fb3b01ee2dfe707fa26e3565b8bd62c

SHA256
17d308a330f32458cf57b7052dd8e4cb8bff40066f189b62d068a01b8dd0536f

SHA512
13358bc04b30d37deebab9077fc741526712e80396b57c04dd3fca559f135ba68815aa09b9b2f0c5d434c1057e945c3dd81590849692978ad67e0f5c3f5eeedb

Download Submit
memory/2028-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download