Overview

overview

7

Static

static

3

66593b509b...cs.exe

windows7-x64

7

66593b509b...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07/06/2024, 15:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    66593b509bb399920f76a0ddf247a9e0_NeikiAnalytics.exe

  • Size

    481KB

  • MD5

    66593b509bb399920f76a0ddf247a9e0

  • SHA1

    faff07a5fd441c64652d9daaf23407f54aa5964f

  • SHA256

    4b8aa9e9f7e9a1b394ffe5188ebaee033c6df64ee08ade0e2c33362d6584e710

  • SHA512

    08f0d1ee077b9eb3b2dddac048211b912143d875b6aed1670d54d69a04ed3d99693bf905e8be11e583991ed1684c20fe2447429500f4b301d61e958ca0c5692f

  • SSDEEP

    12288:d3CbeiX34d6lr3yNuPSm4/MnEfJThTOVYUltc5gLE4k2EwCj0Ee2B1:dsn3d3yNuPgMnEfJThTOVYUlOmLE43E5

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66593b509bb399920f76a0ddf247a9e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\66593b509bb399920f76a0ddf247a9e0_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Users\Admin\AppData\Local\Temp\66593b509bb399920f76a0ddf247a9e0_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\66593b509bb399920f76a0ddf247a9e0_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2756

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\66593b509bb399920f76a0ddf247a9e0_NeikiAnalytics.exe
          Filesize

          481KB

          MD5

          873cca120217b402e05bd39df14f40a9

          SHA1

          70fa552553e54e2a8ff6b22f5a58f7f110f1551c

          SHA256

          fb1c06a31d024926f2786d3867a9f97479333f568b5c5661e424c04de68e2a81

          SHA512

          b2887cc275116875ea97d930db30cbf2494da4213f2e31d905e96960ca634900489d5010d4028ad6bd3a49a76cfe18c3e0549c4a522e62544cc6d0ab0f42e4c6

          Download Submit

        • memory/2756-12-0x0000000000400000-0x000000000041A000-memory.dmp

          Filesize

          104KB

          Download

        • memory/2756-16-0x0000000000130000-0x0000000000176000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2756-17-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2880-0-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2880-6-0x00000000001B0000-0x00000000001F6000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2880-10-0x0000000000400000-0x0000000000446000-memory.dmp

          Filesize

          280KB

          Download