Overview

overview

7

Static

static

3

57e8265d4a...cs.exe

windows7-x64

7

57e8265d4a...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/05/2024, 22:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    57e8265d4ab7d71d0455cce4c2b12eb0_NeikiAnalytics.exe

  • Size

    203KB

  • MD5

    57e8265d4ab7d71d0455cce4c2b12eb0

  • SHA1

    b82f4ccf0babd9c6b8563a0ffd3483106c833b15

  • SHA256

    9fdd1af5a3ece6e3e9b0c86595482fa47301425ce67aeeefaab11c2339249776

  • SHA512

    168ccb3107b7749a3440b301a608deedaa4ffcbfbe7f8331c7221714dd3a59dc5afefa7d14d562715a76bee8880f760d27519f1bbdd3dd61681d9606ada50271

  • SSDEEP

    6144:RCl/BxKrGk88gWSjy4Ji/+X/gfMLZZsZ:MdBxKrGug44Ji/+vEGvg

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\57e8265d4ab7d71d0455cce4c2b12eb0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\57e8265d4ab7d71d0455cce4c2b12eb0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Users\Admin\AppData\Local\Temp\57e8265d4ab7d71d0455cce4c2b12eb0_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\57e8265d4ab7d71d0455cce4c2b12eb0_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:1652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\57e8265d4ab7d71d0455cce4c2b12eb0_NeikiAnalytics.exe
    Filesize

    203KB

    MD5

    633e12cc829e5923a93d9f41fea69e0c

    SHA1

    13c9d8e68791a498ef4b733d6dd5d5d0babe395a

    SHA256

    5ee3ff0b8e2fdb1fdd8d12ae8e52d0493109aa8ce438daf7fbc840b90d5a8332

    SHA512

    8fd6cfd9c722ae3de93a46e8f5f28e23ee2cf6123b86eb61a7b0b3ea5ae69156d085054046b2637d49655d30d2c2cd1e0351cd905158bf216718a9af4c0e3658

    Download Submit

  • memory/1652-11-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1652-17-0x00000000002D0000-0x000000000030E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1652-12-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2880-0-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2880-6-0x0000000000130000-0x000000000016E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2880-10-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download