Analysis
max time kernel: 130s
max time network: 128s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23-05-2024 00:59
Static task
static1: 1 signatures
Behavioral task
behavioral1: 1 signatures, 150 seconds
Sample: 679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll
Resource: win7-20240508-en, windows7-x64
Behavioral task
behavioral2: 1 signatures, 150 seconds
Sample: 679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll
Resource: win10v2004-20240508-en, windows10-2004-x64
General
Target: 679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll
Size: 5KB
MD5: 679a3d09c0623d58d08d3ea071ca1820
SHA1: 440f0021f66015f516e29a6178fd605435e1b695
SHA256: d62c80a11d2aabbed2caf4472c33613b961c7e981c2cd3860aaaea15050617b7
SHA512: 28b6f0d26d237c2c29005c5b380e62eb720a5a29893790fce421b425872fe16a643bfeff9cf56abd6fb43046c6e34211b45f1493607a660f03bbe487261c9043
SSDEEP: 48:CCy86+Wet9Q/iooHeiefhe+/lSMYEqF25vRno/ShEy8+mtkim+ftPoPvjOoqjYS1:hy859x0P8MaFkMSeyDim+Vga4SJi0cE
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 4736 wrote to memory of 4036 | 4736 | rundll32.exe | rundll32.exe
PID 4736 wrote to memory of 4036 | 4736 | rundll32.exe | rundll32.exe
PID 4736 wrote to memory of 4036 | 4736 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll,#1
- Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\679a3d09c0623d58d08d3ea071ca1820_NeikiAnalytics.dll,#1