Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 03:10
Behavioral task
behavioral1
Sample
59c614e9ec3daa3411d76cb6386bb710_NeikiAnalytics.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
59c614e9ec3daa3411d76cb6386bb710_NeikiAnalytics.pdf
Resource
win10v2004-20240611-en
General
-
Target
59c614e9ec3daa3411d76cb6386bb710_NeikiAnalytics.pdf
-
Size
161KB
-
MD5
59c614e9ec3daa3411d76cb6386bb710
-
SHA1
fa4790714d96741e8d3ab245956d0a811ed52ed0
-
SHA256
12c1b81a4f49d8f029b487b14f6693685e30c5159a2ae643db0764649f8a8f8a
-
SHA512
f47d00d2195705c77a3a8b10ec6e2596869c5ff2b6970792317e269d62610401bced8dd06dab24f8a4059f923960c6fb4af2516d4e464cbf9f9c5ed1b86d9709
-
SSDEEP
3072:g5qqm6x9Kk+hEQBQ2eZ6Z1GHYDsZ7XYs1HJDQEiCFnExrnTJKO+EcuLeyMXiA90:uQ6fKdhpBQ3ZMGSeDRHJD+CFEx8yyyMa
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1688 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exe
pid process
1688 AcroRd32.exe
1688 AcroRd32.exe
1688 AcroRd32.exe
1688 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\59c614e9ec3daa3411d76cb6386bb710_NeikiAnalytics.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1688
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
8472effb923c6b40bc4bd34b65078c3b
SHA1
2914d6e7afa15a3e0a5775d8808166c609740907
SHA256
3bc6079b65bf137d2be8edcb5ecb780261b39ad6ba64f92a6ff416111b0a29c6
SHA512
08e10bddcf8be6dafe9710dfc67f6a0f803ee3540063c854a66f55b0f9527bf456343a1e102c5c29b63558dfb97938ee69fecff6996b0e1e0c986b4308d52d86