Analysis
-
max time kernel
120s
-
max time network
127s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
-
submitted
23-05-2024 02:15
Static task
static1
Behavioral task
behavioral1
Sample
75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
-
Size
73KB
-
MD5
75ada5cdfb0a336542816af1eb253520
-
SHA1
a025828a3c8d82d40b19547727fe6228bc31c20d
-
SHA256
1147c0fcb64e48ce928a1036fa6216dfacf1483f1d34aec6416c96000146bc4e
-
SHA512
af18a29f1ce0164de208688b48d6e099a55746b8df26ae9150137855f9b8a0f618f3dcd0492471ac4673a0d6fdb30029fc8d29236b11623b379b5bf5977651bb
-
SSDEEP
768:hZZ6Zyf9IsOotoORa9BtsKq59qixs6LD908odASouD/7Vs6U2Y6AdYLSQhOUul88:1sxd9IKubv9svDzhkiLSQoUulHe+h
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
Processes:
andegeac-ded.exe
pid: 2336, process: andegeac-ded.exe
-
Loads dropped DLL 1 IoCs
Processes:
75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
pid: 2756, process: 75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
-
Drops file in System32 directory 2 IoCs
Processes:
75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
description: File opened for modification, ioc: C:\Windows\SysWOW64\andegeac-ded.exe, process: 75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
description: File created, ioc: C:\Windows\SysWOW64\andegeac-ded.exe, process: 75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\75ada5cdfb0a336542816af1eb253520_NeikiAnalytics.exe"
- Loads dropped DLL
- Drops file in System32 directory
  -
  C:\Windows\SysWOW64\andegeac-ded.exe
  "C:\Windows\SysWOW64\andegeac-ded.exe"
  - Executes dropped EXE
Network
MITRE ATT&CK Matrix
Downloads
-
\Windows\SysWOW64\andegeac-ded.exe
Filesize
70KB
MD5 497e714c5021273ffcb5d7ecc036de4f
SHA1 3897ab59dc9153a45e107a75d7f1b28bf0c4195c
SHA256 d60a7ecbfa5eb05f206ab16905772ba29437da35e286f8d86f6fa190046c66be
SHA512 2af9abba93d9d1069d36e2d50b30e8cdb5eb6f46ee4cac12da911e8f9cffaf8101925d2d86359bd7474478ae8b4dc87aa20189dbfe17ee6437fb3c7b55e049af
-
memory/2756-5-0x0000000000400000-0x0000000000403000-memory.dmp
Filesize
12KB