Overview

overview

7

Static

static

3

7a2aae5d2c...cs.exe

windows7-x64

7

7a2aae5d2c...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    02/06/2024, 22:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7a2aae5d2c97fdcbb07dba27f65b9500_NeikiAnalytics.exe

  • Size

    448KB

  • MD5

    7a2aae5d2c97fdcbb07dba27f65b9500

  • SHA1

    363bf3be6301cb5cf84cc64ab4934889352b66af

  • SHA256

    5f31eb41b89bd80f44590b179f5bb6eb46686afdfa31cdf0edfb5036d94b3ab3

  • SHA512

    51b3d9b8a8c912b7c39ed545a12782b7e61138b847f75ae9856bbbd1bca2d1b9096c9ef42cfc5d5b264b1463a35c4e6cba1eab25bf49a6bae18a179977f0b568

  • SSDEEP

    6144:X/RaEzt93AkUZOiGJXFG0cWhV40saiigCD4H2cHwXWNzDw:X/htVjVDcWhVQ5zCD4TyWN4

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a2aae5d2c97fdcbb07dba27f65b9500_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\7a2aae5d2c97fdcbb07dba27f65b9500_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Users\Admin\AppData\Local\Temp\7a2aae5d2c97fdcbb07dba27f65b9500_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\7a2aae5d2c97fdcbb07dba27f65b9500_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:1420

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\7a2aae5d2c97fdcbb07dba27f65b9500_NeikiAnalytics.exe
          Filesize

          448KB

          MD5

          d1d4e7b1cb7da4042baca7caba1275ce

          SHA1

          d868e9ad4d23e56077228dcbad828b2944a76cfb

          SHA256

          20b04b0837bf4b4753e18c00151cb67785410a89e20216aa928814523d20f7b9

          SHA512

          7727c420bbf7e1adaa10336224444bce2352bf5b7b6055b3e386a6065d4eb68f5c3e068ad731c4ffd42c33105d6512121dd5fffe0fcc7f1439ab9705fafdc082

          Download Submit

        • memory/1420-12-0x0000000000400000-0x000000000041A000-memory.dmp

          Filesize

          104KB

          Download

        • memory/1420-11-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download

        • memory/1420-17-0x0000000000150000-0x0000000000196000-memory.dmp

          Filesize

          280KB

          Download

        • memory/1420-18-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2416-0-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2416-6-0x00000000003B0000-0x00000000003F6000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2416-10-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download