Analysis

  • max time kernel
    131s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28-05-2024 04:38

General

  • Target

    32c8c18695345c5cb012259b26e44dd0_NeikiAnalytics.exe

  • Size

    224KB

  • MD5

    32c8c18695345c5cb012259b26e44dd0

  • SHA1

    dd29a982c0dc3a3114970817646eaa5fd10df33a

  • SHA256

    c9a958b9fe553ef0140df0f0176e608d6335a4dd283ae8761bb27065fd7ac8d9

  • SHA512

    1757209dd2adc435bb9aa7f176591f8ac7c4f6d5f86cf1796af83cc51c1b229b9457e05c0add4917f6aa49c737aa4e48d5c661d21bdb2272b3bfb8b6d0e7651f

  • SSDEEP

    3072:TKC7MKza/YnXbvr+yNEjGS8isZ4HukP8YVqsZVcDvOmzn1aDGrXI:N7rZTh2G/iw4HuNYAsZ+RZrXI

Score
8/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\32c8c18695345c5cb012259b26e44dd0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\32c8c18695345c5cb012259b26e44dd0_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:640
  • C:\PROGRA~3\Mozilla\ywswmda.exe
    C:\PROGRA~3\Mozilla\ywswmda.exe -zhzkoil
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3612

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\ProgramData\Mozilla\ywswmda.exe

    Filesize

    224KB

    MD5

    f355821d747b26b3a4c08f7f9169c417

    SHA1

    6b7dd11608825a8166e303940792cdb697302220

    SHA256

    39932be1f5cd294c67bf57111ebf2f4c1fbf1f8b5123b46dcbe7f158c61bebf4

    SHA512

    53ed14fb010d6d52fa73bd89c852a7d663111934704b0225e8fb017d54763ff5d0454ccbb50f743e32e10e09d77b6e4274cb43cda8ce86eb4d33c006e3f20b0c

  • memory/640-0-0x0000000000400000-0x000000000045D000-memory.dmp

    Filesize

    372KB

  • memory/640-1-0x0000000001F80000-0x0000000001FDB000-memory.dmp

    Filesize

    364KB

  • memory/640-2-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

  • memory/640-5-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

  • memory/3612-8-0x0000000000400000-0x000000000045D000-memory.dmp

    Filesize

    372KB

  • memory/3612-9-0x0000000000400000-0x000000000045D000-memory.dmp

    Filesize

    372KB

  • memory/3612-11-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB