Overview

overview

7

Static

static

3

7475d6f480...cs.exe

windows7-x64

7

7475d6f480...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 02:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7475d6f48034c584dec1bbcd88001e30_NeikiAnalytics.exe

  • Size

    94KB

  • MD5

    7475d6f48034c584dec1bbcd88001e30

  • SHA1

    418d9ccdb28faeef568d370dfb570278541f9f46

  • SHA256

    803be70ec8330410ce1c14fd183c94a08c69e33c79d8a16306896e936815374c

  • SHA512

    6be52e44af3ead6d4997b640d600b379ec729baaf895b974b2084e55205accdcd86f5a59a30253db6210062a111fa957ab41004c0161a16281337a46e671b810

  • SSDEEP

    1536:Zn7BYXAkLHylZUYwlEZY7bSfX+AvcitWmh4qc2mdHWpr0aw5TshWLkKg+JxEgJoM:ZVYXdI+lEZP/S2mdHWpr/6xdW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7475d6f48034c584dec1bbcd88001e30_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\7475d6f48034c584dec1bbcd88001e30_NeikiAnalytics.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:736
    • C:\Users\Admin\AppData\Local\Temp\7475d6f48034c584dec1bbcd88001e30_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\7475d6f48034c584dec1bbcd88001e30_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:3768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7475d6f48034c584dec1bbcd88001e30_NeikiAnalytics.exe
    Filesize

    94KB

    MD5

    7c47d68186c8387d34846778ce48d3b6

    SHA1

    c4a716d75dd05620d2e6958f6193e0622b57cb34

    SHA256

    b9dee371537b75a5debb009bbcae30f0214ec88e1b8d6f19b70d46f31e64f4c5

    SHA512

    6533180c47501776d5372ba4c1f177d1187b2479a6a92be9cb7f1a128c98da59d891f49ecffc86d78f5b580e8dc8b13badf117c85a287ee8f73100b8851a59b5

    Download Submit

  • memory/736-0-0x0000000000400000-0x0000000000432000-memory.dmp

    Filesize

    200KB

    Download

  • memory/736-1-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/736-6-0x00000000000F0000-0x0000000000122000-memory.dmp

    Filesize

    200KB

    Download

  • memory/736-13-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/3768-14-0x0000000000400000-0x0000000000432000-memory.dmp

    Filesize

    200KB

    Download

  • memory/3768-20-0x00000000001B0000-0x00000000001E2000-memory.dmp

    Filesize

    200KB

    Download

  • memory/3768-21-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3768-26-0x00000000014F0000-0x000000000150B000-memory.dmp

    Filesize

    108KB

    Download