Overview

overview

7

Static

static

3

8083bb6358...cs.exe

windows7-x64

7

8083bb6358...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    31-05-2024 21:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8083bb6358116b17772976421d2023b0_NeikiAnalytics.exe

  • Size

    401KB

  • MD5

    8083bb6358116b17772976421d2023b0

  • SHA1

    680bb99ea0d572fc7fc7cae6f29aa939004d2408

  • SHA256

    ac9bc00fcc902a86e3af51f13ef775ae965f6a78de9c1ddeb2d460d17331db61

  • SHA512

    d9cad2206e6ff3b2e229473cbb789ab7f36f8f5b89adffc6cf59c501d87ebbf30d5dfa63f135dadf878f5a0a3acaf2bd5089863f62a3d60591d713dce090fd9f

  • SSDEEP

    6144:YngLkRXg1BC2w9BNISoay+VF2MhFBC3OPO0MzxmlkTaVMzxmlkTanJlnvewRwMzi:YgLh13wvNI0yMFTKeW0MAMU9RwM

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8083bb6358116b17772976421d2023b0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\8083bb6358116b17772976421d2023b0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:1824
    • C:\Users\Admin\AppData\Local\Temp\8083bb6358116b17772976421d2023b0_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\8083bb6358116b17772976421d2023b0_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\8083bb6358116b17772976421d2023b0_NeikiAnalytics.exe
    Filesize

    401KB

    MD5

    a2e91ec382e4c8a9f14b5e925dbceedb

    SHA1

    797c56bac2b113bc3dd921f71d7141a3428e20bc

    SHA256

    188caea3d950d33fb600b24d9a671a6c8e17b47ace6742d7a01e1c8cca4f725c

    SHA512

    96bc4568f02ed42416744615d2c20c3fa93b0ffdd5ef1675d0a90efccd7ccad05d0cd60b8114a2a8077762d6e03134bcdc9dfc3240c66c524579b524d27fcbd7

    Download Submit

  • memory/1824-0-0x0000000000400000-0x0000000000472000-memory.dmp

    Filesize

    456KB

    Download

  • memory/1824-10-0x0000000000400000-0x0000000000472000-memory.dmp

    Filesize

    456KB

    Download

  • memory/2028-11-0x0000000000400000-0x0000000000472000-memory.dmp

    Filesize

    456KB

    Download

  • memory/2028-13-0x0000000000400000-0x0000000000472000-memory.dmp

    Filesize

    456KB

    Download