Overview

overview

7

Static

static

3

2c2ef5a9ac...cs.exe

windows7-x64

7

2c2ef5a9ac...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/05/2024, 01:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2c2ef5a9ac79986b00f4e2218c1ff7d0_NeikiAnalytics.exe

  • Size

    821KB

  • MD5

    2c2ef5a9ac79986b00f4e2218c1ff7d0

  • SHA1

    bfd07850cc836d3f2a1fbfe972f45717d51423ff

  • SHA256

    f929bfa2f0f0b979b189eefefbdd5014c69dd577fce66d3878a126969326d984

  • SHA512

    7cad3efe9c5117408ea39569052c25f5cf8e1e0f7aa39b4cb3f56823fba3739d203be75fa5c611016230b3820c426892ec8d10d91fa9c13dd7559997c800ffef

  • SSDEEP

    12288:UT+W6wnxrSVOBg7/t4Okd3ZdtC4z255EiBlqd7fkKJLZmN1SaEY:UTrnAJRmJLC4ezvqtBLZmN1SaEY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c2ef5a9ac79986b00f4e2218c1ff7d0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\2c2ef5a9ac79986b00f4e2218c1ff7d0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:808
    • C:\Users\Admin\AppData\Local\Temp\4064.tmp
      "C:\Users\Admin\AppData\Local\Temp\4064.tmp"
      2⤵
      • Executes dropped EXE
      PID:3136

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\4064.tmp
          Filesize

          821KB

          MD5

          a9f58bf6de08324cea1a603531a42bb1

          SHA1

          9a5a456318b494b5bc60546f5929d4f0ab615196

          SHA256

          bb0745e65864c1f3f83b28813447d3c06e101dc68d4aa56049a7a81e3e0b37fe

          SHA512

          737d368666d41706ef9dcde2e4a798320493eccee59ca7e0e86661ea9e82006125f517aaf8213796b8d9f47d183b6220319f1602764f591fade3e01b67b1f0cb

          Download Submit

        • memory/808-1-0x0000000000AC0000-0x0000000000B8A000-memory.dmp

          Filesize

          808KB

          Download

        • memory/808-5-0x0000000000AC0000-0x0000000000B8A000-memory.dmp

          Filesize

          808KB

          Download

        • memory/3136-6-0x0000000000870000-0x000000000093A000-memory.dmp

          Filesize

          808KB

          Download

        • memory/3136-7-0x0000000000870000-0x000000000093A000-memory.dmp

          Filesize

          808KB

          Download