Analysis
- max time kernel: 132s
- max time network: 123s
- platform: windows10-2004_x64
- resource: win10v2004-20240508-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 25/05/2024, 01:10
Static task
- static1
- 1 signatures
Behavioral task
- behavioral1
- Sample: 8a3caa9b287b45572ba70a5aae4a1a80_NeikiAnalytics.dll
- Resource: win7-20240220-en
- 1 signatures
- 150 seconds
Behavioral task
- behavioral2
- Sample: 8a3caa9b287b45572ba70a5aae4a1a80_NeikiAnalytics.dll
- Resource: win10v2004-20240508-en
- 1 signatures
- 150 seconds
General
- Target: 8a3caa9b287b45572ba70a5aae4a1a80_NeikiAnalytics.dll
- Size: 5KB
- MD5: 8a3caa9b287b45572ba70a5aae4a1a80
- SHA1: 77a3be3e851b667e0101bf97fc2a05de27fe410e
- SHA256: f393ebc5fd2f3d20d110a7a4caef0d973be66f1a8da393a5c4b96e8ca7cc86f7
- SHA512: 2f61189ffc93526debd5d7d1b35e514988258dd2c034ca87feb6d36a4f7f57f72b65eeeec0d8d9ea1879dae3389763f7749d1c0cd3abd316b4d333b225f6a751
- SSDEEP: 96:nEY2RrF1eqwi4EcY07ifqtLEBbcJeoXVBVFArIsQeh6Wii:EHRh1eppEZfqtLEdie6DVFjFNW
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 212 wrote to memory of 3912 | 212 | rundll32.exe | 83
  PID 212 wrote to memory of 3912 | 212 | rundll32.exe | 83
  PID 212 wrote to memory of 3912 | 212 | rundll32.exe | 83
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8a3caa9b287b45572ba70a5aae4a1a80_NeikiAnalytics.dll,#11
  - Suspicious use of WriteProcessMemory
  PID: 212
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8a3caa9b287b45572ba70a5aae4a1a80_NeikiAnalytics.dll,#12
  PID: 3912