c0d740568c0120b231a94aa4f4da535a318942db28606fbf280d1794d15948d0 | Triage

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
31/05/2024, 00:10

Sharing

Report Analysis Logs

General

Target

6e6c4ae3605ce47121478fa693282e00_NeikiAnalytics.dll
Size

3KB
MD5

6e6c4ae3605ce47121478fa693282e00
SHA1

dd8cb8bc3fe752c9d0855d6974b2b19ed2c206cf
SHA256

c0d740568c0120b231a94aa4f4da535a318942db28606fbf280d1794d15948d0
SHA512

a9c026326ae6d98c37917d86ab740c3716f5b035ba3db04055f5716e30cfae17d48b14a57c36dafdb28063e6cb86210c1bd6e447125dead343fc27c166f73fde

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1640 wrote to memory of 1004	1640	rundll32.exe	81
PID 1640 wrote to memory of 1004	1640	rundll32.exe	81
PID 1640 wrote to memory of 1004	1640	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6e6c4ae3605ce47121478fa693282e00_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1640
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\6e6c4ae3605ce47121478fa693282e00_NeikiAnalytics.dll,#1
  2⤵
  PID:1004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads