Analysis

  • max time kernel
    94s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    06/06/2024, 20:36

General

  • Target

    a598c90eebe70028f52eb33aeeb83ba0_NeikiAnalytics.exe

  • Size

    152KB

  • MD5

    a598c90eebe70028f52eb33aeeb83ba0

  • SHA1

    ec6d65695980f287ba791271732118641c65cbb1

  • SHA256

    4652ad8a55ece39c31572dba4cd06dd32a120cf1707322076e4908aac852e653

  • SHA512

    e8839e40fd5542c2aaf24acb771409c3e1c567e7c1ef62d15bb0b6f6dbb7d645280791f83f2d7d7f78d204f58ec09d506c820d4ae143ce892a71556408c34ccf

  • SSDEEP

    3072:f29+hIl2epp1x5GWp1icKAArDZz4N9GhbkrNEkE1xD:ewArp0yN90QEf

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a598c90eebe70028f52eb33aeeb83ba0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a598c90eebe70028f52eb33aeeb83ba0_NeikiAnalytics.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of WriteProcessMemory
    PID:1012
    • C:\Windows\SYSTEM32\cmd.exe
      cmd /c "GTA.bat"
      2⤵
        PID:4760

    Network

          MITRE ATT&CK Enterprise v15

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\GTA.bat

            Filesize

            27B

            MD5

            df4661aeff8046fdd5b3d37f3f5cd870

            SHA1

            281d79c197c2a07b230a97591a9a3af6416abff7

            SHA256

            0adf868af56f894ac8c7ee4a1543128a7a5f1076c4d825f1e56cb44d2ac151cf

            SHA512

            cd29e1b902fa8a360b013b8bd2ea899ef08564480e090e1b1a2455850f386289b1eb8bb4cb939c569c23fc482587d0603d7e5c158999a4eca4fd29e01071bd37