Analysis

  • max time kernel
    90s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03-06-2024 12:56

General

  • Target

    a42ad9fedb0c3686e4a49589ebe09ae0_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    a42ad9fedb0c3686e4a49589ebe09ae0

  • SHA1

    56cdce6c1dba54675196c40b8d3e019612f5708e

  • SHA256

    65b3c16f6555b3af1d17fdf44e66678143bda16512b89e64bb6454f8b107f7ec

  • SHA512

    02252d0e98b54bb6bfadcd58c8468aead9f8f877129298b8ae20eb71817b96b01347bb98234fb9202e6c0121c33aa61a955bb2d19c21fde724ef88f9edc85e2e

  • SSDEEP

    1536:zv61XZa5TE6RTSunOQA8AkqUhMb2nuy5wgIP0CSJ+5yWB8GMGlZ5G:zv6Ta5A6RAGdqU7uy5w9WMyWN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Suspicious use of WriteProcessMemory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a42ad9fedb0c3686e4a49589ebe09ae0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a42ad9fedb0c3686e4a49589ebe09ae0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2820

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    17f6ad5fab264d6228f89e1c24b79d9a

    SHA1

    0304c10f999dbd6958d5c59b7500ddbacb2f51f8

    SHA256

    e35d9140ff1092cbd5baa2abd24aa4f161dc025858daccc9de944112e6d345a6

    SHA512

    7db0af9ec02520594f9cd785178c95bbe65fe3ce2bf011ea4b48aa4cf4ecb7315c24819cd73b382f652e2fba3d41fbaf312bf5912d88282cfa9d45498841a888

  • memory/2820-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/4828-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB