8cd8dabc414c85e87459da01a6946c7a8b7b7bd728796a842ed56933da34102a

Analysis

max time kernel
92s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
27-05-2024 23:09

Target

2620b254a339f09a5ec4ac971cf87270_NeikiAnalytics.dll
Size

6KB
MD5

2620b254a339f09a5ec4ac971cf87270
SHA1

fcb82a8b6d5ba0365f610548c24a1b848ae453f1
SHA256

8cd8dabc414c85e87459da01a6946c7a8b7b7bd728796a842ed56933da34102a
SHA512

42411e14b2f856aa12eee6f790371afe1115f4daf3af691fb4b46228d1965a322eccbf8d799f74a6bc0bc046635ea4da84fd76acf16e5ac3bb3b7725fa5d40f5
SSDEEP

48:6WQV5YVOqtV0H1pw9ygYVUG0jB+BDq9J5SC:8qtV0HAr4iB+FqX5SC

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4596 wrote to memory of 1096	4596	rundll32.exe	82
PID 4596 wrote to memory of 1096	4596	rundll32.exe	82
PID 4596 wrote to memory of 1096	4596	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2620b254a339f09a5ec4ac971cf87270_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4596
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2620b254a339f09a5ec4ac971cf87270_NeikiAnalytics.dll,#1
  2⤵
  PID:1096