Analysis
-
max time kernel
138s -
max time network
125s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
26/05/2024, 10:43
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll
Resource
win10v2004-20240426-en
1 signatures
150 seconds
General
-
Target
2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll
-
Size
3KB
-
MD5
2a03e413ffdfbcbafb87c9c234e01c60
-
SHA1
4a8572d835aff26836e479af2340a9ca4e9d2642
-
SHA256
14e1dafc5651f37b8585f8499934c7b2b0d239ec9e15c89211f66748b006a15f
-
SHA512
86f0cedb8243aac34815a746ed3f945bc765ba20f02a81d06dcc57034f728fd3a386b22d9407a4e61f692f7311a2480360a95f1a48aa7df9ed9b401487a31a5a
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1352 wrote to memory of 1540 1352 rundll32.exe 83 PID 1352 wrote to memory of 1540 1352 rundll32.exe 83 PID 1352 wrote to memory of 1540 1352 rundll32.exe 83 PID 1540 wrote to memory of 3088 1540 rundll32.exe 84 PID 1540 wrote to memory of 3088 1540 rundll32.exe 84 PID 1540 wrote to memory of 3088 1540 rundll32.exe 84 PID 3088 wrote to memory of 1152 3088 rundll32.exe 85 PID 3088 wrote to memory of 1152 3088 rundll32.exe 85 PID 3088 wrote to memory of 1152 3088 rundll32.exe 85 PID 1152 wrote to memory of 1692 1152 rundll32.exe 86 PID 1152 wrote to memory of 1692 1152 rundll32.exe 86 PID 1152 wrote to memory of 1692 1152 rundll32.exe 86 PID 1692 wrote to memory of 1524 1692 rundll32.exe 87 PID 1692 wrote to memory of 1524 1692 rundll32.exe 87 PID 1692 wrote to memory of 1524 1692 rundll32.exe 87 PID 1524 wrote to memory of 4724 1524 rundll32.exe 88 PID 1524 wrote to memory of 4724 1524 rundll32.exe 88 PID 1524 wrote to memory of 4724 1524 rundll32.exe 88 PID 4724 wrote to memory of 920 4724 rundll32.exe 89 PID 4724 wrote to memory of 920 4724 rundll32.exe 89 PID 4724 wrote to memory of 920 4724 rundll32.exe 89 PID 920 wrote to memory of 4064 920 rundll32.exe 90 PID 920 wrote to memory of 4064 920 rundll32.exe 90 PID 920 wrote to memory of 4064 920 rundll32.exe 90 PID 4064 wrote to memory of 1592 4064 rundll32.exe 91 PID 4064 wrote to memory of 1592 4064 rundll32.exe 91 PID 4064 wrote to memory of 1592 4064 rundll32.exe 91 PID 1592 wrote to memory of 4048 1592 rundll32.exe 92 PID 1592 wrote to memory of 4048 1592 rundll32.exe 92 PID 1592 wrote to memory of 4048 1592 rundll32.exe 92 PID 4048 wrote to memory of 3600 4048 rundll32.exe 93 PID 4048 wrote to memory of 3600 4048 rundll32.exe 93 PID 4048 wrote to memory of 3600 4048 rundll32.exe 93 PID 3600 wrote to memory of 3844 3600 rundll32.exe 94 PID 3600 wrote to memory of 3844 3600 rundll32.exe 94 PID 3600 wrote to memory of 3844 3600 rundll32.exe 94 PID 3844 wrote to memory of 3664 3844 rundll32.exe 95 PID 3844 wrote to memory of 3664 3844 rundll32.exe 95 PID 3844 wrote to memory of 3664 3844 rundll32.exe 95 PID 3664 wrote to memory of 1928 3664 rundll32.exe 96 PID 3664 wrote to memory of 1928 3664 rundll32.exe 96 PID 3664 wrote to memory of 1928 3664 rundll32.exe 96 PID 1928 wrote to memory of 1976 1928 rundll32.exe 97 PID 1928 wrote to memory of 1976 1928 rundll32.exe 97 PID 1928 wrote to memory of 1976 1928 rundll32.exe 97 PID 1976 wrote to memory of 2904 1976 rundll32.exe 98 PID 1976 wrote to memory of 2904 1976 rundll32.exe 98 PID 1976 wrote to memory of 2904 1976 rundll32.exe 98 PID 2904 wrote to memory of 4144 2904 rundll32.exe 99 PID 2904 wrote to memory of 4144 2904 rundll32.exe 99 PID 2904 wrote to memory of 4144 2904 rundll32.exe 99 PID 4144 wrote to memory of 1748 4144 rundll32.exe 100 PID 4144 wrote to memory of 1748 4144 rundll32.exe 100 PID 4144 wrote to memory of 1748 4144 rundll32.exe 100 PID 1748 wrote to memory of 3432 1748 rundll32.exe 101 PID 1748 wrote to memory of 3432 1748 rundll32.exe 101 PID 1748 wrote to memory of 3432 1748 rundll32.exe 101 PID 3432 wrote to memory of 432 3432 rundll32.exe 102 PID 3432 wrote to memory of 432 3432 rundll32.exe 102 PID 3432 wrote to memory of 432 3432 rundll32.exe 102 PID 432 wrote to memory of 3248 432 rundll32.exe 103 PID 432 wrote to memory of 3248 432 rundll32.exe 103 PID 432 wrote to memory of 3248 432 rundll32.exe 103 PID 3248 wrote to memory of 4588 3248 rundll32.exe 104
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:1352 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#12⤵
- Suspicious use of WriteProcessMemory
PID:1540 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#13⤵
- Suspicious use of WriteProcessMemory
PID:3088 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#14⤵
- Suspicious use of WriteProcessMemory
PID:1152 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#15⤵
- Suspicious use of WriteProcessMemory
PID:1692 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#16⤵
- Suspicious use of WriteProcessMemory
PID:1524 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#17⤵
- Suspicious use of WriteProcessMemory
PID:4724 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#18⤵
- Suspicious use of WriteProcessMemory
PID:920 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#19⤵
- Suspicious use of WriteProcessMemory
PID:4064 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#110⤵
- Suspicious use of WriteProcessMemory
PID:1592 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#111⤵
- Suspicious use of WriteProcessMemory
PID:4048 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#112⤵
- Suspicious use of WriteProcessMemory
PID:3600 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#113⤵
- Suspicious use of WriteProcessMemory
PID:3844 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#114⤵
- Suspicious use of WriteProcessMemory
PID:3664 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#115⤵
- Suspicious use of WriteProcessMemory
PID:1928 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#116⤵
- Suspicious use of WriteProcessMemory
PID:1976 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#117⤵
- Suspicious use of WriteProcessMemory
PID:2904 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#118⤵
- Suspicious use of WriteProcessMemory
PID:4144 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#119⤵
- Suspicious use of WriteProcessMemory
PID:1748 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#120⤵
- Suspicious use of WriteProcessMemory
PID:3432 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#121⤵
- Suspicious use of WriteProcessMemory
PID:432 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#122⤵
- Suspicious use of WriteProcessMemory
PID:3248 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#123⤵PID:4588
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#124⤵PID:900
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#125⤵PID:3296
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#126⤵PID:3884
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#127⤵PID:2152
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#128⤵PID:4088
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#129⤵PID:1868
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#130⤵PID:4996
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#131⤵PID:4236
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#132⤵PID:1268
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#133⤵PID:4084
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#134⤵PID:3672
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#135⤵PID:436
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#136⤵PID:180
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#137⤵PID:2704
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#138⤵PID:4764
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#139⤵PID:216
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#140⤵PID:3380
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#141⤵PID:2228
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#142⤵PID:3460
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#143⤵PID:4416
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#144⤵PID:4932
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#145⤵PID:4356
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#146⤵PID:3928
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#147⤵PID:2468
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#148⤵PID:876
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#149⤵PID:2280
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#150⤵PID:1888
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#151⤵PID:632
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#152⤵PID:4520
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#153⤵PID:344
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#154⤵PID:2088
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#155⤵PID:756
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#156⤵PID:4860
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#157⤵PID:1820
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#158⤵PID:1260
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#159⤵PID:4288
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#160⤵PID:1784
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#161⤵PID:4576
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#162⤵PID:1796
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#163⤵PID:3044
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#164⤵PID:2236
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#165⤵PID:2964
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#166⤵PID:2328
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#167⤵PID:3924
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#168⤵PID:3096
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#169⤵PID:3440
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#170⤵PID:4000
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#171⤵PID:1092
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#172⤵PID:4876
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#173⤵PID:1492
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#174⤵PID:4472
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#175⤵PID:2612
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#176⤵PID:2272
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#177⤵PID:2956
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#178⤵PID:4556
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#179⤵PID:2812
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#180⤵PID:1780
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#181⤵PID:4800
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#182⤵PID:5064
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#183⤵PID:4376
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#184⤵PID:4380
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#185⤵PID:3120
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#186⤵PID:3360
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#187⤵PID:3712
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#188⤵PID:1480
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#189⤵PID:3268
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#190⤵PID:2408
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#191⤵PID:668
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#192⤵PID:5124
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#193⤵PID:5136
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#194⤵PID:5160
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#195⤵PID:5180
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#196⤵PID:5196
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#197⤵PID:5212
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#198⤵PID:5224
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#199⤵PID:5240
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1100⤵PID:5256
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1101⤵PID:5272
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1102⤵PID:5292
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1103⤵PID:5312
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1104⤵PID:5328
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1105⤵PID:5340
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1106⤵PID:5356
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1107⤵PID:5372
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1108⤵PID:5384
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1109⤵PID:5404
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1110⤵PID:5420
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1111⤵PID:5432
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1112⤵PID:5456
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1113⤵PID:5468
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1114⤵PID:5480
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1115⤵PID:5496
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1116⤵PID:5516
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1117⤵PID:5532
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1118⤵PID:5560
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1119⤵PID:5576
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1120⤵PID:5616
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1121⤵PID:5640
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2a03e413ffdfbcbafb87c9c234e01c60_NeikiAnalytics.dll,#1122⤵PID:5684
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-