Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 02:30

General

  • Target

    25fe280cea6ef15f6a5ea3e7f0328e00_NeikiAnalytics.exe

  • Size

    702KB

  • MD5

    25fe280cea6ef15f6a5ea3e7f0328e00

  • SHA1

    1d2ea63e6dabc583871b6d09d2f480daf4bb6f2f

  • SHA256

    09aaae02b06f1df2b7c9f70ff68edd7fa55d2e54325e88c549f45cf55dc68452

  • SHA512

    729776972574a15169f94af9f09a2883aa9c789759c75b2a580b336b76fc08e3d8c78be3e62bcf6e2938e5d9df169a74e4ca815ead7c6285f373c21718edffdb

  • SSDEEP

    12288:5SYFz/TvMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:FFjISkQ/7Gb8NLEbeZ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\25fe280cea6ef15f6a5ea3e7f0328e00_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\25fe280cea6ef15f6a5ea3e7f0328e00_NeikiAnalytics.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1284

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/1284-0-0x0000000000400000-0x00000000004B6000-memory.dmp

          Filesize

          728KB

        • memory/1284-1-0x0000000000390000-0x00000000003F6000-memory.dmp

          Filesize

          408KB

        • memory/1284-7-0x0000000000390000-0x00000000003F6000-memory.dmp

          Filesize

          408KB

        • memory/1284-11-0x0000000000400000-0x00000000004B6000-memory.dmp

          Filesize

          728KB