Analysis
-
max time kernel
117s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
30-05-2024 13:12
Behavioral task
behavioral1
Sample
3abe96a65ee79510126d6c7591e66090_NeikiAnalytics.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3abe96a65ee79510126d6c7591e66090_NeikiAnalytics.pdf
Resource
win10v2004-20240508-en
General
-
Target
3abe96a65ee79510126d6c7591e66090_NeikiAnalytics.pdf
-
Size
253KB
-
MD5
3abe96a65ee79510126d6c7591e66090
-
SHA1
5157da0a4daf9e407b6cbfeefc626f2b92bc78a4
-
SHA256
f74ec8372bff80cb0d61f80cd9fafa1c7a851c37f9f3d28e68b69839f0c9a391
-
SHA512
827529c05a9975b0aca1c182dc303d9030ff1192de53d136a2865ec3a4adfb913f664690500f37674d57c34415b90f87806f7e58d47cbed76a3d8a2bcbbf4e3f
-
SSDEEP
6144:c2xWMLZ+0gDfS/GC9IEWwa1uQImh150c6n5aAKVMZhDfYqic:NzLDxGC9IEGemh1ZS8AKSWc
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2484 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2484 AcroRd32.exe 2484 AcroRd32.exe 2484 AcroRd32.exe 2484 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3abe96a65ee79510126d6c7591e66090_NeikiAnalytics.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2484
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f422731bb254484b001a0030967b7795
SHA15c52b9a13dfe592f8f04588cb2ceaae687d21277
SHA256338b420f0e593bdaebec5cb9104bb042e906462a7ef1f22ea96536ee97bce030
SHA512f0a543ca7ec54c571e82eba05d21fed22993a26ecd4a0e85c9503de853ef2ed66444921dd99aa2a8810989e0b63ce5dd0e639645e1a8b4a7ca5b98efbe4e22c9