Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
30-05-2024 12:55
Behavioral task
behavioral1
Sample
4f2afe96a15bee695258a290ffec0730_NeikiAnalytics.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4f2afe96a15bee695258a290ffec0730_NeikiAnalytics.pdf
Resource
win10v2004-20240426-en
General
-
Target
4f2afe96a15bee695258a290ffec0730_NeikiAnalytics.pdf
-
Size
156KB
-
MD5
4f2afe96a15bee695258a290ffec0730
-
SHA1
cc8e99920f3a991d374849e564f57f2cba060bbb
-
SHA256
37c57b8c040e6ec1ddb91949b371ec59b767ddcfd2cfacf0f06e76194228538d
-
SHA512
4e81f3130fcd7180f510ea1cb644bd7650a544d444e27e230c8856f1babe003162c68022e3b9275274ceef0568c1f70e679f29c5e84ff8757cd3bf7b45e51550
-
SSDEEP
3072:FNo/clIDIcr0BgZvHNplkX8eiTOSnM+VJ2CYN1TI8yRuYfF2/Iy++:+IVBuvBkXliVM+vJYPIPRNfo
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2924 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2924 AcroRd32.exe 2924 AcroRd32.exe 2924 AcroRd32.exe 2924 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4f2afe96a15bee695258a290ffec0730_NeikiAnalytics.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2924
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
87c71746396d4670db05cf244512bae1
SHA1
0428304fa1ffb9cc762ac7e946b9c4df6674d0af
SHA256
087ab1422f57e1ca1e675048dad6f7a3bdfd192b1e8d9249d61ba4707d932eb7
SHA512
1e9ca2c19b2defcae1e544c74785e02985b4cfc97d0edd918d29e524512db61ca5c0961f55f9bb95ccde74f9162105905c51656196c2840f28e523da3d4384f7