Analysis
max time kernel: 148s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24-05-2024 21:25
Static task: static1
Behavioral task: behavioral1
Sample: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
Size: 1.6MB
MD5: fc10ec56258ffe23bb01cb1a33329200
SHA1: eeb5b64f392c2319444fc7a9e6f75fef2e013bb3
SHA256: 0d8e01a327a59a157ecd377da305be64e55ec4265abbd58af4acf7d64a2d73b7
SHA512: f97de9e9129ace5ba3948f099011186b125dff719209fc22b63bed4fef8e264f8d07812ac88e98d88f46feaa80e0a1a737a66cfa038273be5d3b1bccd9aeb0c0
SSDEEP: 24576:vlfdUimINRPLHgZpJEGd4+mIJz5IcuMlQHJxrDiSi:dzBNRPLHkJEmisGcnlQHPxi
Malware Config
Signatures
Drops file in System32 directory (1 IoCs)
Processes: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
process: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
description: Token: SeTakeOwnershipPrivilege
pid: 4608
process: fc10ec56258ffe23bb01cb1a33329200_NeikiAnalytics.exe
Downloads
memory/4608-0-0x0000000030000000-0x00000000301A7000-memory.dmp (Filesize: 1.7MB)
memory/4608-1-0x0000000002280000-0x00000000022E6000-memory.dmp (Filesize: 408KB)
memory/4608-6-0x0000000002280000-0x00000000022E6000-memory.dmp (Filesize: 408KB)
memory/4608-12-0x0000000030000000-0x00000000301A7000-memory.dmp (Filesize: 1.7MB)