Analysis

  • max time kernel
    124s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/06/2024, 03:34

General

  • Target

    5b27d6a755edcded1e9516b8a0522c60_NeikiAnalytics.dll

  • Size

    5KB

  • MD5

    5b27d6a755edcded1e9516b8a0522c60

  • SHA1

    b900c1b95a9bd0849dba123810dfcac48ab05b08

  • SHA256

    f12e44b1ebd6e5cb65db49d8ed3dddaf33fd96e9cd8c42aa067d6fb0817f7e18

  • SHA512

    7d691fe67e74fd8217a2772cc6cb9c74550853c535bed7b07177d8be6e08500c53c7743a135b35b3f35598487bc9489583c46f83f2924d6a2dc60d7a7e1f7f86

  • SSDEEP

    48:C6VonAHso6U7lYa92RrpjwDmetlG95hx+iMHh+/rblB3m41zKnR1KgFkeywBKNVq:nEY2RrF1eqwi4g//SP19RxuZDAkE

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5b27d6a755edcded1e9516b8a0522c60_NeikiAnalytics.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1012
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5b27d6a755edcded1e9516b8a0522c60_NeikiAnalytics.dll,#1
      2⤵
        PID:2884
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1308,i,3144109701624127473,12586215149656995128,262144 --variations-seed-version --mojo-platform-channel-handle=4240 /prefetch:8
      1⤵
        PID:4112

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads