118c463aee853035eb185b6fae879b033a52fe127b2b5f4105968acce1b0e065

Analysis

max time kernel
129s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
29/05/2024, 03:51

Target

39a9d0c1ec1bc7a1cf18af2d6cb3fe20_NeikiAnalytics.exe
Size

17KB
MD5

39a9d0c1ec1bc7a1cf18af2d6cb3fe20
SHA1

d58ded21454b7d0235bff10d9d70af04bbc84f23
SHA256

118c463aee853035eb185b6fae879b033a52fe127b2b5f4105968acce1b0e065
SHA512

9042eb71821340230c614d909116bdca764b700c43e75c422facd41a9e3963ac04869a3a0236b0fc8bf9abeec5222d54a5c9a95090f8c80ffcdfb393c82814db
SSDEEP

96:qjUvrYH3t6jBIamJmPdz336NC+98Nxh4ztuaBH2rYtILNlft7Tq+a:CUM2B19PdzaJ8ND4huaBWrYONlFvfa

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1876-0-0x0000000000400000-0x0000000000411000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4240	1876	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\39a9d0c1ec1bc7a1cf18af2d6cb3fe20_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\39a9d0c1ec1bc7a1cf18af2d6cb3fe20_NeikiAnalytics.exe"
1⤵
PID:1876
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1876 -s 220
  2⤵
  - Program crash
  PID:4240

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 1876 -ip 1876
1⤵
PID:4180

memory/1876-0-0x0000000000400000-0x0000000000411000-memory.dmp

Filesize
68KB

Download