Analysis
max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted
23-05-2024 00:59
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
General
Target
679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll
Size
5KB
MD5
679a3d09c0623d58d08d3ea071ca1820
SHA1
440f0021f66015f516e29a6178fd605435e1b695
SHA256
d62c80a11d2aabbed2caf4472c33613b961c7e981c2cd3860aaaea15050617b7
SHA512
28b6f0d26d237c2c29005c5b380e62eb720a5a29893790fce421b425872fe16a643bfeff9cf56abd6fb43046c6e34211b45f1493607a660f03bbe487261c9043
SSDEEP
48:CCy86+Wet9Q/iooHeiefhe+/lSMYEqF25vRno/ShEy8+mtkim+ftPoPvjOoqjYS1:hy859x0P8MaFkMSeyDim+Vga4SJi0cE
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
PID 1084 wrote to memory of 3048 | 1084 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll,#11
- Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll,#12