04da3e05106ffd182c2b2320555768a774753ade12ef6e12d4ef86bf8d2ef370

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
08/06/2024, 00:22

Target

7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe
Size

43KB
MD5

7b26c4608dcbd94a1088b09775862de0
SHA1

cd3bf6220ca6a5c0fcff79d82b9fd708ed530c2c
SHA256

04da3e05106ffd182c2b2320555768a774753ade12ef6e12d4ef86bf8d2ef370
SHA512

4bbfca785501b5e037fa7ddabb23101567e527cfae9d9129fc33ff7984e0957ec6a9943995a0d1262c74d526030f1b394f244a594a4c23749f5a51a8068db286
SSDEEP

768:GD8FZXSaM1wX7FeVXMReeMBzEqWaTtbbNHqDz3EXvgyvDyBvgDs8Dfvvvvv/vvv:icXLHX8MReHTt/Xvivy

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1704	824	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 824 wrote to memory of 1704	824	7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe	28
PID 824 wrote to memory of 1704	824	7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe	28
PID 824 wrote to memory of 1704	824	7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe	28
PID 824 wrote to memory of 1704	824	7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe	28

C:\Users\Admin\AppData\Local\Temp\7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\7b26c4608dcbd94a1088b09775862de0_NeikiAnalytics.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:824
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 824 -s 144
  2⤵
  - Program crash
  PID:1704