Overview

overview

7

Static

static

7

95b9c94e9a...cs.exe

windows7-x64

7

95b9c94e9a...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-05-2024 14:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95b9c94e9aa6be33735a572a522c5500_NeikiAnalytics.exe

  • Size

    83KB

  • MD5

    95b9c94e9aa6be33735a572a522c5500

  • SHA1

    f42e005de2a68e02a5176a95e722bd137a82dc37

  • SHA256

    3751550866fa08d8c370bc81e838e7f96f03b2e8b9351dba63fde92b978819e0

  • SHA512

    a66a7d85f1317016fd4e5f0e2540b1ea259ecb6972686569f8d3d765f34463c4a78722860e902d6cc75427e905cecef13bddce43cda3eda906ad9ccb82b9c383

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+UK:LJ0TAz6Mte4A+aaZx8EnCGVuU

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 8 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\95b9c94e9aa6be33735a572a522c5500_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\95b9c94e9aa6be33735a572a522c5500_NeikiAnalytics.exe"
    1⤵
      PID:4620
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1324 --field-trial-handle=2280,i,1836084024518340990,18250262151825427757,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:5560

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\rifaien2-pIeVKBvgx4Z0uWZ0.exe
        Filesize

        83KB

        MD5

        908c2e8183a44ccaae70ef1acac21453

        SHA1

        b59f65270b9832796df47a5994c9fb6db24235bd

        SHA256

        4aa428b647c0004acce581a85413bb2be2444960e893c555ef21487dc5b3d134

        SHA512

        80717c4272b09ba9165faae420e68942de6c1648c6a550654839404d1c41ce4675af8489187ca2468279fd8a5fda60deb016c7a60d3f3c35c899bc4daabdb338

        Download Submit

      • memory/4620-0-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/4620-1-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/4620-4-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/4620-8-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/4620-15-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/4620-22-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/4620-29-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download