Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03-06-2024 11:59

General

  • Target

    a2a872af28f83af57c0dab9fb6eef940_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    a2a872af28f83af57c0dab9fb6eef940

  • SHA1

    190802f4af9c763addfa61a013e46900cb874a38

  • SHA256

    6e1a554767713b77b0415fda986a2dac3aae62a5662f39c00523705f2db370b9

  • SHA512

    1cad0c322ec4cfd3e141af3f84bf7a1deca85ab31dbcad3df873e90201b04ca87a77d438477a32924192f8c7e4a0f494e471ca2371ea33a251f9b01435802355

  • SSDEEP

    1536:zv66mWLYKn8V5JOQA8AkqUhMb2nuy5wgIP0CSJ+5yjB8GMGlZ5G:zv6PsoIGdqU7uy5w9WMyjN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2a872af28f83af57c0dab9fb6eef940_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a2a872af28f83af57c0dab9fb6eef940_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4564

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    d6fd839cd872ec5e24e79728f0a37e97

    SHA1

    02af506462118ae2ead98f70bb68e6d88f079166

    SHA256

    2700a8134f8c1581275565ea72cd6604b690e6511c325a21bb4ac4a3ff2d7542

    SHA512

    68c70531610f30ad25854c7d8e9d8b4ada35b5678b7e8f43e0f9bc2d2e4d6a16f3dd2a9ef941c923148cb29579f851bcd1a585f854f7f588b9096fde49b0573f

  • memory/4176-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/4564-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB