0c90ab2291ab6a67cc0e9a339e899fda36f1228d6c58aa581b38e029706875df

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
27-05-2024 13:15

Target

a2364e545935b6d978a49e8e134d6eb0_NeikiAnalytics.exe
Size

73KB
MD5

a2364e545935b6d978a49e8e134d6eb0
SHA1

94acab292efcdc2cb9c1c3bfaf5ab171bf334162
SHA256

0c90ab2291ab6a67cc0e9a339e899fda36f1228d6c58aa581b38e029706875df
SHA512

4d1ebdc8758ec22a30da320f62d6448a3812f806a04ac3df0e2e21afd5b42f7129f69139a502111d618c2bde6ac779dcbd80b19e9909f23fa307ec946f4811e8
SSDEEP

1536:1OobJP8l9DciaVxlo1/hiCK0iyx8MZiUK+UPtpWI4TNGnB:lClQyPxTi5P76NGnB

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2512	ealrimeag-idix.exe

Loads dropped DLL 1 IoCs

pid	Process
2760	a2364e545935b6d978a49e8e134d6eb0_NeikiAnalytics.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\ealrimeag-idix.exe	a2364e545935b6d978a49e8e134d6eb0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\ealrimeag-idix.exe	a2364e545935b6d978a49e8e134d6eb0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\a2364e545935b6d978a49e8e134d6eb0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a2364e545935b6d978a49e8e134d6eb0_NeikiAnalytics.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:2760
- C:\Windows\SysWOW64\ealrimeag-idix.exe
  "C:\Windows\SysWOW64\ealrimeag-idix.exe"
  2⤵
  - Executes dropped EXE
  PID:2512

\Windows\SysWOW64\ealrimeag-idix.exe

Filesize
70KB

MD5
c646d26f722e992d18978b035be584a2

SHA1
54c5447b6439c587bff6a3707e25891843110776

SHA256
0db70e92f29b4625a43c61fdec5b6191ec4ecd9d616bd5deda8b5b07addc508f

SHA512
b6e6f8befe47cd32cacfcb418094609ff5f12fc67e98e42a0a792d16fd112f87a29af213b74d64e1c3cf11bd08773eb2cfab85c4922caca48bd1d509c8253f4c

Download Submit
memory/2760-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download