Analysis
max time kernel: 119s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 03-06-2024 12:03
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: a2bdb45df4ac7a997697f64f3e0db650_NeikiAnalytics.dll
Resource: win7-20240221-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: a2bdb45df4ac7a997697f64f3e0db650_NeikiAnalytics.dll
Resource: win10v2004-20240426-en
1 signatures
150 seconds
General
Target: a2bdb45df4ac7a997697f64f3e0db650_NeikiAnalytics.dll
Size: 81KB
MD5: a2bdb45df4ac7a997697f64f3e0db650
SHA1: 8232d737f973fc437ac3c960168c5cbe79b83b5a
SHA256: d45ab366e162334ba270ab7f0f745ec3dd2f02f4ecf88fc7e990d30eadf1f618
SHA512: a61995341ababade5cbb62c64e019a9270bf49a03522fcb2871508da51dd722b6762607cf41287ef0ab59adb8464d8c95c78f145e48da674d65778fc8fa9c84c
SSDEEP: 1536:EtByXv7uWGEqXZKXTadSp7Lxw9zzBPw+iASUSFOj8sWHcdF7zenq8WM:E4v4JKXTx71w0ArSsXF3enq8WM
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description                        pid    Process        procid_target
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
PID 1736 wrote to memory of 2216   1736   rundll32.exe   28
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\a2bdb45df4ac7a997697f64f3e0db650_NeikiAnalytics.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 1736
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a2bdb45df4ac7a997697f64f3e0db650_NeikiAnalytics.dll,#1
    PID: 2216