Analysis
max time kernel: 118s
max time network: 123s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 30-05-2024 05:13
Behavioral task: behavioral1
Sample: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
Resource: win7-20240221-en
General
Target: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
Size: 6.0MB
MD5: 65f58097a858ed650dffd32cea779220
SHA1: 206d7a96fbaf889870f9bea850f994cb00951407
SHA256: 6b0197dccf820b73be81ca982897fe3f183fb573fe1c6f2584edc1d6d70fc04b
SHA512: 9349b6d3d6bde587ef5aa935bbead197fdaced5967b8ef97709dab45d47d29f1ccc9076946dec812da22aa2aa3105baf0e57bb28e326b29bd459765efce8499f
SSDEEP: 196608:mrNZBFIqeN/FJMIDJf0gsAGK4RKuAKVgwB:oAl/Fqyf0gstNAKZ
Malware Config
Signatures

Loads dropped DLL (1 IoCs)
Processes: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
  pid: 1988; process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe

Processes:
  resource: C:\Users\Admin\AppData\Local\Temp\_MEI23202\python310.dll; yara_rule: upx

Suspicious use of WriteProcessMemory (3 IoCs)
Processes: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
  description: PID 2320 wrote to memory of 1988; pid: 2320; process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe; target process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
  description: PID 2320 wrote to memory of 1988; pid: 2320; process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe; target process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
  description: PID 2320 wrote to memory of 1988; pid: 2320; process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe; target process: 65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
Processes

C:\Users\Admin\AppData\Local\Temp\65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\65f58097a858ed650dffd32cea779220NeikiAnalytics.exe"
  - Suspicious use of WriteProcessMemory
  PID: 2320

  C:\Users\Admin\AppData\Local\Temp\65f58097a858ed650dffd32cea779220NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\65f58097a858ed650dffd32cea779220NeikiAnalytics.exe"
    - Loads dropped DLL
    PID: 1988
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 1.4MB
MD5: 178a0f45fde7db40c238f1340a0c0ec0
SHA1: dcd2d3d14e06da3e8d7dc91a69b5fd785768b5fe
SHA256: 9fcb5ad15bd33dd72122a171a5d950e8e47ceda09372f25df828010cde24b8ed
SHA512: 4b790046787e57b9414a796838a026b1530f497a75c8e62d62b56f8c16a0cbedbefad3d4be957bc18379f64374d8d3bf62d3c64b53476c7c5005a7355acd2cee