Analysis

  • max time kernel
    91s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03-06-2024 12:03

General

  • Target

    a2bbfefeb1ab5e1aaf429a1a0c301270_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    a2bbfefeb1ab5e1aaf429a1a0c301270

  • SHA1

    6a6dd1ed9768dbfc96d592e96025884a6287c007

  • SHA256

    6d1fb5dc3fc87106c1ece84cd578d4e607eafa6e457a01cc8177afb2ae79ba74

  • SHA512

    62818093c03dfdf755cc4680d1a1d111441719f6d9ef3459d953982e1a0daadd1f24ad823bfedead0ce05f80ca27b09257200aba9fd6918ecbabc427de5706dc

  • SSDEEP

    1536:zvYONtUW2tbTs1OQA8AkqUhMb2nuy5wgIP0CSJ+5yYdB8GMGlZ5G:zvYODUTpfGdqU7uy5w9WMyYdN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE: 1 IoC
  • Suspicious use of WriteProcessMemory: 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2bbfefeb1ab5e1aaf429a1a0c301270_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a2bbfefeb1ab5e1aaf429a1a0c301270_NeikiAnalytics.exe"
    • Suspicious use of WriteProcessMemory
    PID:4292

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    029b06085fe272fd8746877d92d5cb38

    SHA1

    e5d8468f57837b09915c781a39eec1e86562c375

    SHA256

    567fae947f8ad4970573dbb358e5a3715e55457af2fe3ce136cbcff2483b7e72

    SHA512

    816487e72eb44a56054d64e40ec37c875f61a01d222e89d4ebb7e6dc624d1c4c4f8f0bc6b9ca80e75c5d9652b61fae98bc88592188f82a01d413575cb194ec13

  • memory/860-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/4292-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB