Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
06-06-2024 10:09
Behavioral task
behavioral1
Sample
06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
0 signatures
150 seconds
General
-
Target
06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
-
Size
6.9MB
-
MD5
06184e38e8afc00baaefd94bffe24c00
-
SHA1
75e9af0a61de28e3ce6c1a0964f81f6324b134d2
-
SHA256
af30d0d3235fed1679dbd396a9e3fa2315f7746569ce7a2cdf93637eda752611
-
SHA512
3e9a229e90b05e4e06889de196173afe824a2beb0c59cb3ecbc864bfa8cf89cd9fb5701a20d49ce4e2968cd47d85d59f954cae4fb3422c7e4007a1168fb71dfe
-
SSDEEP
98304:JhSo0Mfow7A1h9eT393YigJhH0yzt7GTu/NWPdHdda9D4oRVB0rdB4:JhSjGA1HeT39Iigft7ec0/aFFrur
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exedescription pid process target process PID 2224 wrote to memory of 2336 2224 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe WerFault.exe PID 2224 wrote to memory of 2336 2224 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe WerFault.exe PID 2224 wrote to memory of 2336 2224 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe WerFault.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:2224 -
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 2224 -s 802⤵PID:2336
-