Analysis
max time kernel: 120s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 27/05/2024, 18:30
Static task
static1: 1 signatures
Behavioral task
behavioral1: Sample 0b232b21c431256119aa1ba597b43b10_NeikiAnalytics.exe, Resource win7-20240221-en, 2 signatures, 150 seconds
Behavioral task
behavioral2: Sample 0b232b21c431256119aa1ba597b43b10_NeikiAnalytics.exe, Resource win10v2004-20240426-en, 0 signatures, 150 seconds
General
Target: 0b232b21c431256119aa1ba597b43b10_NeikiAnalytics.exe
Size: 775KB
MD5: 0b232b21c431256119aa1ba597b43b10
SHA1: 7005c6ffa525470dfc6445603aff4a0ab7068061
SHA256: 57d2fdcb343f1446a59be36a27652dd8f0f035878580ee0ffc549deafd363c6f
SHA512: f6cede803c10494f85d2a6dfeccde9afa2813add263b04df4f8c63ef0d19629c20c8a8151bbbc5af0a50459b6453a5c5090e0160124a32c3ef38d488c5ea25c8
SSDEEP: 24576:HAnARmRsDwJxmjQt/sBlDqgZQd6XKtiMJYiPU:HXmRsDwHmja/snji6attJM
Score: 5/10
Malware Config
Signatures
Drops file in System32 directory (1 IoCs)
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
Process: 0b232b21c431256119aa1ba597b43b10_NeikiAnalytics.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
description: Token: SeTakeOwnershipPrivilege
pid: 1556
Process: 0b232b21c431256119aa1ba597b43b10_NeikiAnalytics.exe