Analysis
max time kernel: 117s
max time network: 135s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
submitted: 13/06/2024, 02:19
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
56837df0922ef09d8c49b6e835ce6800_NeikiAnalytics.dll
Resource
win7-20240611-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
56837df0922ef09d8c49b6e835ce6800_NeikiAnalytics.dll
Resource
win10v2004-20240611-en
1 signatures
150 seconds
General
Target: 56837df0922ef09d8c49b6e835ce6800_NeikiAnalytics.dll
Size: 81KB
MD5: 56837df0922ef09d8c49b6e835ce6800
SHA1: d57b236fc255a442b5818eca7da2bc4ffb5d4dbb
SHA256: 8f12d635f03da8bc5c8e81bd7a2964a0e7b6bca573868bcdcdeb6523b5c688f5
SHA512: b2cb3c2c4d3ccdb0cfa116d77f3d69509e4b66cf077976b66d59cd29dd190beb3ec9fc96e7d81a864fbca3b45e0c7379e28cf763a71f7ec01bb51d4ea7ded958
SSDEEP: 1536:zByXv7uWGEqXZKXTadSp7Lxw9zzBPw+NASUSFOj8sWHcdF6+eXq8Wq:Cv4JKXTx71wnArSsXFpeXq8Wq
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                        pid   Process        procid_target
PID 948 wrote to memory of 4780    948   rundll32.exe   82
PID 948 wrote to memory of 4780    948   rundll32.exe   82
PID 948 wrote to memory of 4780    948   rundll32.exe   82
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\56837df0922ef09d8c49b6e835ce6800_NeikiAnalytics.dll,#11
Suspicious use of WriteProcessMemory
PID: 948
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\56837df0922ef09d8c49b6e835ce6800_NeikiAnalytics.dll,#12
PID: 4780