9cc7295b8e6a0550d745878a039a35d52619ac4adf7560d8e8ae0a726f2beac7

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
01/06/2024, 06:22

Target

90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe
Size

517KB
MD5

90aa4694e43746a30db753685d7f8920
SHA1

d9a33cf832a38efbdd8b8e20a4c014c4123e5689
SHA256

9cc7295b8e6a0550d745878a039a35d52619ac4adf7560d8e8ae0a726f2beac7
SHA512

c8b762e885735351a3b0d9ec119124bfea3c272c163af92ee505c60860e34d893ec8ce7187d99f9be14be1638cd65f50d6195be20800eedbcce5c2c358ecb065
SSDEEP

6144:gOs3tLplPPISUUmSkS5DfWtQhQrWo0ib7VGOi3MqX+zrlCOJ:gOsdVJPISUUmSVStQhGWo3b1i9X+g

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1704-0-0x0000000000400000-0x0000000000483000-memory.dmp	upx
behavioral1/memory/1704-3-0x0000000000400000-0x0000000000483000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1704	90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe
1704	90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe
1704	90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe
1704	90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\90aa4694e43746a30db753685d7f8920_NeikiAnalytics.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1704

memory/1704-0-0x0000000000400000-0x0000000000483000-memory.dmp

Filesize
524KB

Download
memory/1704-1-0x0000000000900000-0x0000000000983000-memory.dmp

Filesize
524KB

Download
memory/1704-2-0x0000000000900000-0x0000000000983000-memory.dmp

Filesize
524KB

Download
memory/1704-3-0x0000000000400000-0x0000000000483000-memory.dmp

Filesize
524KB

Download
memory/1704-4-0x0000000000900000-0x0000000000983000-memory.dmp

Filesize
524KB

Download