Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2024 13:17

General

  • Target

    a4b9a42d67b6faa98bb0e5f2de7c80a0_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    a4b9a42d67b6faa98bb0e5f2de7c80a0

  • SHA1

    b9294859b754b3b76e0db40b47b874ab81c1cfb8

  • SHA256

    3b322c7b4fbc87d816c3ce0e7a89ee4ea3f1e648d2e7c4876d36d757d42b9622

  • SHA512

    60859ee366348fe8f8429627c4d43d2cba523ef57eadb5c79381384d3ed783e629a131750df508b4b608b60d134d99e2a345f2f66015ba37e8591344f5bdb77c

  • SSDEEP

    1536:zvXvQ623RLlw9AQrOQA8AkqUhMb2nuy5wgIP0CSJ+5yDB8GMGlZ5G:zv/q3RL69uGdqU7uy5w9WMyDN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4b9a42d67b6faa98bb0e5f2de7c80a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a4b9a42d67b6faa98bb0e5f2de7c80a0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    c8a45fd3e865ffa9514e84573e8df44a

    SHA1

    f0aa7729cba89c7c31649af8f0434fdc92573b73

    SHA256

    3b4d4a652d94f52ab281031e0abb2427c939c02488afd0edc90bb759217b5da2

    SHA512

    b4a5a7d168b65611c218faac36704f11046517294162ecf63fb61068e746e594ce21c19094ee5db2f7db25d3537a1a5469c1d4ef92984f6ff2eaf43dd8a70a4e

  • memory/1692-7-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/2192-8-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB