Overview

overview

7

Static

static

3

0e7c0cb946...cs.exe

windows7-x64

7

0e7c0cb946...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 22:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0e7c0cb9466a98f838459a5754034380_NeikiAnalytics.exe

  • Size

    4.1MB

  • MD5

    0e7c0cb9466a98f838459a5754034380

  • SHA1

    a740ac266bf772958bd9eff7a5615f263128ca72

  • SHA256

    aa96ab22374ad4d95c5e33b5187c65e09d3e3d11d0dc02f4be9d0e321cee4d39

  • SHA512

    57aa0e660cccc49577f12282ec61a62bd28eee832c5d0ae793265f3ee374211d6eb28db67f4ca9390727834f6af3d9419d95044aacd6cd13d57bdf4f0d109692

  • SSDEEP

    24576:kE5L4DJEaPZSVTb+eezha/ZSbpYvxYTqD2Rkea/ZSAajJBMqAX1Ea/pSOue+l:lg+Q6XMhgSVgCo/OgTw

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Program crash 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0e7c0cb9466a98f838459a5754034380_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\0e7c0cb9466a98f838459a5754034380_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2684
    • C:\Users\Admin\AppData\Local\Temp\0e7c0cb9466a98f838459a5754034380_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\0e7c0cb9466a98f838459a5754034380_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      • Suspicious use of WriteProcessMemory
      PID:3016
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3016 -s 144
        3⤵
        • Loads dropped DLL
        • Program crash
        PID:2860

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\0e7c0cb9466a98f838459a5754034380_NeikiAnalytics.exe
          Filesize

          4.1MB

          MD5

          25d1d03c16830e1f38c50db48eb1f193

          SHA1

          be349f86b4cefb9f6d6038291d9488148a3fd8d0

          SHA256

          2ab880fed25a24fb8ae89ba7965d7479ada4b6aa3b728b1feee41d3030ace06b

          SHA512

          f1415b6419a08f50141a07c9128c4a79c6a3e690857b4088c34d7c460992d4387c79db70630ff40826c33571c40a975424f2b08b79c71c072ec197bb7e907cd8

          Download Submit

        • memory/2684-0-0x0000000000400000-0x00000000004EC000-memory.dmp

          Filesize

          944KB

          Download

        • memory/3016-8-0x0000000000400000-0x00000000004EC000-memory.dmp

          Filesize

          944KB

          Download

        • memory/3016-9-0x0000000002F60000-0x000000000304C000-memory.dmp

          Filesize

          944KB

          Download