Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    06-06-2024 10:09

General

  • Target

    06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe

  • Size

    6.9MB

  • MD5

    06184e38e8afc00baaefd94bffe24c00

  • SHA1

    75e9af0a61de28e3ce6c1a0964f81f6324b134d2

  • SHA256

    af30d0d3235fed1679dbd396a9e3fa2315f7746569ce7a2cdf93637eda752611

  • SHA512

    3e9a229e90b05e4e06889de196173afe824a2beb0c59cb3ecbc864bfa8cf89cd9fb5701a20d49ce4e2968cd47d85d59f954cae4fb3422c7e4007a1168fb71dfe

  • SSDEEP

    98304:JhSo0Mfow7A1h9eT393YigJhH0yzt7GTu/NWPdHdda9D4oRVB0rdB4:JhSjGA1HeT39Iigft7ec0/aFFrur

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2224 -s 80
      2⤵
        PID:2336

    Network

    MITRE ATT&CK Matrix


    Downloads

    • memory/2224-0-0x000000013F020000-0x000000013F078000-memory.dmp

      Filesize

      352KB