Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03-06-2024 13:07

General

  • Target

    a46a5e1dc3ee850f594398b729898dd0_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    a46a5e1dc3ee850f594398b729898dd0

  • SHA1

    0fa0376fc2708873eb5d030f88febdd05338ace5

  • SHA256

    ce766d4455dc1508aa4b42557c6df124983a889bad224febab086de312271080

  • SHA512

    ecb5181eaf3544619321319549f118eff6136310f721a9217480008199fa7fc58a499b9cbc0ed0c66f6ef952a83f594e74768506c974228918d6220630cabefe

  • SSDEEP

    1536:zvm5Om0rld8Ms1FAOgSmOQA8AkqUhMb2nuy5wgIP0CSJ+5yIB8GMGlZ5G:zvm5OTld8r1QSjGdqU7uy5w9WMyIN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a46a5e1dc3ee850f594398b729898dd0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a46a5e1dc3ee850f594398b729898dd0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2808

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    a5800c4a188287b9665234e553a89099

    SHA1

    19f34c19d71dec2dbb9be299e78f37ef962f7ca4

    SHA256

    e9b8e49b4a686ae5b6ecf8372d14fe13358ca420119c8be553b1b173a321c84e

    SHA512

    0e8108a3869b3b2a1c3af5195bdbaf66a1c0782e58afede8e52a0a57b78ff286b701bd9c9bcbbb81a00f15b8ee156556056a873cdd25b35d27a372975176c636

  • memory/2808-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/4436-5-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB