Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
30-05-2024 12:52
Behavioral task
behavioral1
Sample
0f1b9315d570e9bc88d4dae291c0aa90_NeikiAnalytics.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0f1b9315d570e9bc88d4dae291c0aa90_NeikiAnalytics.pdf
Resource
win10v2004-20240426-en
General
-
Target
0f1b9315d570e9bc88d4dae291c0aa90_NeikiAnalytics.pdf
-
Size
658KB
-
MD5
0f1b9315d570e9bc88d4dae291c0aa90
-
SHA1
59eaebeddfa6a6a9fe6f8cbfc3bb20835cb8bba3
-
SHA256
b25be7a95e39f69ec3a5af2caeceeb0c104dd91692c488bc419b816cce2186f9
-
SHA512
5b1a8a138bcbfc8309c582fce6fa03de7186f5f0c0ba4bfba8c3a0a672dd855f37c6a79289b61e816e0b98980b12dde3b52dbf216e04ece5ee2f6844eaf5922a
-
SSDEEP
12288:Lx9k9pFCYIFSVYbFw3r529h0FD0cSbLj6Phb0k+jyfWm36tkbB+:19qpFrVVYArASFDXSspSAWmKtb
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2424 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2424 AcroRd32.exe
2424 AcroRd32.exe
2424 AcroRd32.exe
2424 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0f1b9315d570e9bc88d4dae291c0aa90_NeikiAnalytics.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2424
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
b372b17210e120fb7693b7f7337210f3
SHA1
d0494fa69af7fdb3c1d09ddfadf607dcd81b029c
SHA256
9b85a88c4a36780f5f7c402078d60f34cf0643508333d426ad75cb2e26def285
SHA512
79b17d1b83fb492fbfc049ce9b2f377cacc088081085598057b33a4d3e18ac33266dcccdfb55737bec853b7579375c92dd0863897f8136dcc52bd904714b5c2c