e7eee10f617a2f21e505dced2fa613fa5ee079ff3f230299cf6c97e6bf425346

Analysis

max time kernel
131s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 05:25

Target

d0bdeed0d591ea7e9c55d7fb8bb2b4c0_NeikiAnalytics.dll
Size

6KB
MD5

d0bdeed0d591ea7e9c55d7fb8bb2b4c0
SHA1

8b61707809625003358ae5882b959fa4697e439a
SHA256

e7eee10f617a2f21e505dced2fa613fa5ee079ff3f230299cf6c97e6bf425346
SHA512

f3574f12a8eadf72f1ab47fe6a9b5db94ea168235e4e3eb498ba13396a0eeee80584381e1de174404d37bb6e2693b7cd6432b533d878aed3f4fc6d6f95b355d2
SSDEEP

96:hy859x0P8MaK33GKGGE9/culzdok8Kvv7lOQsaAIUzax:F5oLJ33GKGjcupd57FGIUzax

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2660 wrote to memory of 1636	2660	rundll32.exe	82
PID 2660 wrote to memory of 1636	2660	rundll32.exe	82
PID 2660 wrote to memory of 1636	2660	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\d0bdeed0d591ea7e9c55d7fb8bb2b4c0_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2660
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\d0bdeed0d591ea7e9c55d7fb8bb2b4c0_NeikiAnalytics.dll,#1
  2⤵
  PID:1636