Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
30-05-2024 13:21
Behavioral task
behavioral1
Sample
e9407d8478607e3f73d9e23b1128eab0_NeikiAnalytics.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e9407d8478607e3f73d9e23b1128eab0_NeikiAnalytics.pdf
Resource
win10v2004-20240508-en
General
-
Target
e9407d8478607e3f73d9e23b1128eab0_NeikiAnalytics.pdf
-
Size
689KB
-
MD5
e9407d8478607e3f73d9e23b1128eab0
-
SHA1
2b92aa9fac844d70eb92fb45899bdee72496990b
-
SHA256
d5260e7fb44d924b7108eb741b402bc7bd65d10c7ab4be606eee08ea72fb33e4
-
SHA512
7f667391251ad7b5c23892adac769076d19ef0305557d55d5f3b03b49b1a50d112805adf08075bce51d54024186446c3de3c71b06ab331f9fed69909fba4d0d9
-
SSDEEP
12288:Y8VOrZWRW0E8KGWkCDhIYviTvSVJ/swsg1zafbVQuC53C9PwjsIB4ECs3k39Rxx9:mrQRb0kCDiGiToJ/swsismuCsxPsWbQg
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1740 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1740 AcroRd32.exe 1740 AcroRd32.exe 1740 AcroRd32.exe 1740 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e9407d8478607e3f73d9e23b1128eab0_NeikiAnalytics.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1740
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 7165af9e5f104dd29dd0d9cef8cf0cc7
SHA1 beacadbbb74efccb41d25b9a75b51a9c36366066
SHA256 2f7718ef5949bc1a95a9cc2d5a7e697d09d96ffddcc105c2d5b9d97278fd7c41
SHA512 0a52c26f27792f0b13daf5dee9042ffe22bc82ff895d913c73af64c1c4c394b5400efe83d8f2cd4bb19bb6ab750358c5b8b904572caff5a10a38b5dc20741d10