5b82d2b2fe538fa52acb293e7442129da518eb7a94470102f47ee7788fbfe68a

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 02:02

Target

73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe
Size

74KB
MD5

73736426853f70824c63a1f0ef50c8d0
SHA1

9c11f799c843b16f2c3034f2c608ceb6f0183707
SHA256

5b82d2b2fe538fa52acb293e7442129da518eb7a94470102f47ee7788fbfe68a
SHA512

b08d349074d07321f8c1df505d1e1d9289b62c7ed016568d49c0d1f7041414dc489982f4dbefbefe0a6fe5be0d353bf854a462d134798456b36bf0a01d9e9ca3
SSDEEP

1536:1LLw62p7KTxU0IIBhVu2d7mN9msbqt36etdRT:qgTJBq2d7e9ahP

Score

7^/10

Executes dropped EXE 1 IoCs

Processes:

ukgoahoov-ixac.exe

pid process

2144 ukgoahoov-ixac.exe
Loads dropped DLL 1 IoCs

Processes:

73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe

pid process

1252 73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe

pid	process
2144	ukgoahoov-ixac.exe

pid	process
1252	73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

Processes:

73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe

description	ioc	process
File opened for modification	C:\Windows\SysWOW64\ukgoahoov-ixac.exe	73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\ukgoahoov-ixac.exe	73736426853f70824c63a1f0ef50c8d0_NeikiAnalytics.exe

C:\Windows\SysWOW64\ukgoahoov-ixac.exe
"C:\Windows\SysWOW64\ukgoahoov-ixac.exe"
2⤵
- Executes dropped EXE
PID:2144

\Windows\SysWOW64\ukgoahoov-ixac.exe

Filesize
71KB

MD5
c08887da25efb71b09599c8cd5aa7ad9

SHA1
5142588edfe1aad575ce0e3cc5ad83aaeec090f8

SHA256
7c0902e1b0141ab26d74b34187e2a881ece5ecd1949319033129fee6dbd4ae44

SHA512
d6c127097f9b2f9526b7a9a0e4e2a354759cb712a0ad8a928c6aef6a863d74d30976a1f26c20ad52d8dd852cdff17db0f568f837606fdfca7a00722dd1cfcf72

Download Submit
memory/1252-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download