Analysis
-
max time kernel
93s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system -
submitted
13/06/2024, 04:36
Static task
static1
Behavioral task
behavioral1
Sample
5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe
-
Size
6.0MB
-
MD5
5f017ae69bbcdedee207959194d84880
-
SHA1
fbcd4758c26a7bdc83eecbb465c907c0a980ca38
-
SHA256
277ef8b52e95b83a202c915a0916dea2be54b4cf7640b0d381a90ef965afccb4
-
SHA512
630cef18a5a844faa59de726ab24bc26d1bcdb30f55454a01c576edb091d50e838e6a7e8c06f3b3b4b4407bcdfcf2825c05363685fb60bdfd4613f694e3f2b0f
-
SSDEEP
98304:emhd1UryenKy6fo3bV7wQqZUha5jtSyZIUS:elMUb2QbaZtlir
Malware Config
Signatures
-
Deletes itself 1 IoCs
pid | Process
5016 | 3345.tmp
-
Executes dropped EXE 1 IoCs
pid | Process
5016 | 3345.tmp
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 1496 wrote to memory of 5016 | 1496 | 5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe | 84
PID 1496 wrote to memory of 5016 | 1496 | 5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe | 84
PID 1496 wrote to memory of 5016 | 1496 | 5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe | 84
Processes
-
C:\Users\Admin\AppData\Local\Temp\5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe "C:\Users\Admin\AppData\Local\Temp\5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe" 1⤵
- Suspicious use of WriteProcessMemory
PID:1496 -
C:\Users\Admin\AppData\Local\Temp\3345.tmp "C:\Users\Admin\AppData\Local\Temp\3345.tmp" --splashC:\Users\Admin\AppData\Local\Temp\5f017ae69bbcdedee207959194d84880_NeikiAnalytics.exe CEF271D866C22E03A62DEF8AD71E06AF4406E39E08B2143CB8B158ABA5F9EF57B66D3D41D3B7A9501A6B95A2C8A9CC1D4ECB816334856217FAF9D8E72247E34F 2⤵
- Deletes itself
- Executes dropped EXE
PID:5016
-
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
6.0MB
MD5
5b81135c884b39d1834302d92c85baab
SHA1
9af5675ecc049761c27cfbb333ad98893cab6529
SHA256
5c0b7c8e586f1f974b2fe1b8ef0d15af1a18bfa85b9e96c79d8f6ee9b3e4971f
SHA512
0e1e296c6e126bfe8b4187af6f695e5e9607118bc7f9fcb2beeb27b49888f6150bc9f5f3a7c3891f245229b3c7074d3684a960a93d7b63b402da86ffa0d72377