Analysis
max time kernel: 120s
max time network: 120s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted: 13-06-2024 00:53
Behavioral task
behavioral1
Sample
51a8cb177473f3282be1569ee449e090_NeikiAnalytics.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
51a8cb177473f3282be1569ee449e090_NeikiAnalytics.pdf
Resource
win10v2004-20240611-en
General
Target: 51a8cb177473f3282be1569ee449e090_NeikiAnalytics.pdf
Size: 375KB
MD5: 51a8cb177473f3282be1569ee449e090
SHA1: ddcdd74341386f7cefdc97cf8fd6aad34d1b6522
SHA256: a060cb3ccab07ae71b4fb5859f9c94ec15150911cf9b51f08d54a1de06112a56
SHA512: 38d3c401f9c4cdc1d26a30546b6cd3f6f282b01b1ade231bae13be715a07f221d499806bbb1204b2fb4c3dfce5f343205d4f8b1c6d68d60e1ac6fd58287b9b1e
SSDEEP: 6144:X8CfMV0IRdW1jg0g0gAXKdpPt37TCIcRpu36NCqRRc2UcW+6qMlFqyqMexq+XyTX:X/y0I3Cg0g0gV/sHp3NCqRRc2RWbtlFV
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid 2204, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid 2204, process AcroRd32.exe
pid 2204, process AcroRd32.exe
pid 2204, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\51a8cb177473f3282be1569ee449e090_NeikiAnalytics.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2204
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 0ef6f628d40d0777b9eb7e623856a244
SHA1: b12b38958a7947115c8da38863d15e411b74dd2b
SHA256: 1d745154ee4426643077bd1f412062100caad4310f0324320ccf41305ac39083
SHA512: a6c6c7f78783ad147e811ad902dfaf2ae9b561f3b4174b9426ada287fb736f41f41135f92298e1ad2644d44aa16dc9b567d14067dca528147cc5d52810ad57e3