Overview

overview

7

Static

static

3

610764a027...cs.exe

windows7-x64

7

610764a027...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 05:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    610764a027dd55a73af5dca9608a6b40_NeikiAnalytics.exe

  • Size

    410KB

  • MD5

    610764a027dd55a73af5dca9608a6b40

  • SHA1

    4337c798ac06323c047632fde05c113640519df3

  • SHA256

    d5c0832b6b92a21904024563856612c86ded290ef0f8d2af18aa6e53911e15c4

  • SHA512

    4861ba12ce3e0f8806f6e90f55d0ae6f378eef60ee996062a140a206b73671a13b9c0dc43a81d8084a4b7dfe4c9640e94425420011c9baede21dc6a9ec455e95

  • SSDEEP

    12288:Aq5hK8fpU7nDfEF9XmzHXFSe7wuf9XmzHXS9XmzH:Aq5hLfpCnjEF8zHXFSe7wuf8zHXS8zH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\610764a027dd55a73af5dca9608a6b40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\610764a027dd55a73af5dca9608a6b40_NeikiAnalytics.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2768
    • C:\Users\Admin\AppData\Local\Temp\610764a027dd55a73af5dca9608a6b40_NeikiAnalytics.exe
      C:\Users\Admin\AppData\Local\Temp\610764a027dd55a73af5dca9608a6b40_NeikiAnalytics.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\610764a027dd55a73af5dca9608a6b40_NeikiAnalytics.exe
    Filesize

    410KB

    MD5

    09c7baebb9284ae1e4a1a00acb492f4b

    SHA1

    dbb9fc0eb4fb0b53ee56f6183ffa5c1dd8da316d

    SHA256

    4d3fdbf8ce89a89fc7e6fd5ea4c6588699bc16a12418acb79843bb4f9ba9528b

    SHA512

    c447fb79955003598bc9cc2e848d88fbc4b9062a057e822c9cd347869b89ac8a54fe861b4930db9bd80fd8fb8c850065e09dbc6531865fe87b085cec4b063fe3

    Download Submit

  • memory/1860-10-0x0000000000400000-0x0000000000474000-memory.dmp

    Filesize

    464KB

    Download

  • memory/1860-13-0x0000000000400000-0x0000000000474000-memory.dmp

    Filesize

    464KB

    Download

  • memory/2768-0-0x0000000000400000-0x0000000000474000-memory.dmp

    Filesize

    464KB

    Download

  • memory/2768-11-0x0000000000400000-0x0000000000474000-memory.dmp

    Filesize

    464KB

    Download