Analysis

  • max time kernel
    133s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    26-05-2024 08:56

General

  • Target

    011f3ccd963e1e61292bcbecdff29ab0_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    011f3ccd963e1e61292bcbecdff29ab0

  • SHA1

    8a642edd1f84cf4df8da4a0857c93bb6d570a34c

  • SHA256

    7e3e159a767af0626537c12ea57fe76b028042a65fdcdf87510f48d7c30302fa

  • SHA512

    9948f3317fb94cfe763c02561b74be3358c30ca0dc3f6836677b191173bb3cf9a43136bde8293bc73dc3c685765fdb989796731c56dddd0903486594954ef3b4

  • SSDEEP

    1536:zvvSjrPgawlHWzMLP0OOQA8AkqUhMb2nuy5wgIP0CSJ+5yhB8GMGlZ5G:zvvSj8aKHWgLP0bGdqU7uy5w9WMyhN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\011f3ccd963e1e61292bcbecdff29ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\011f3ccd963e1e61292bcbecdff29ab0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3448

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    163939a9d131f1e1d4a55f0c1f19d89a

    SHA1

    0b5a24a522d494f15e7bab20d8467a93b3512c1d

    SHA256

    34cba237d318e82d0bd6def111fe238c27a18c7d3351af7f502300e355ca6501

    SHA512

    b838f3bfe359fa8451f63e09fd6b57f5c05b56f0712ba855937995a772b4500d0d73067249b5716c1dc90e58426bc876572dad5135f1f42dd2a4e10caeb4ad0d

  • memory/2592-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/3448-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB