Analysis
- max time kernel: 93s
- max time network: 94s
- platform: windows10-2004_x64
- resource: win10v2004-20240611-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 13-06-2024 06:24
Static task
- static1
- 1 signatures

Behavioral task
- behavioral1
- Sample: 655d2c362fb71df7c4a10c2b09d62860_NeikiAnalytics.dll
- Resource: win7-20240221-en
- 1 signatures
- 150 seconds

Behavioral task
- behavioral2
- Sample: 655d2c362fb71df7c4a10c2b09d62860_NeikiAnalytics.dll
- Resource: win10v2004-20240611-en
- 1 signatures
- 150 seconds
General
- Target: 655d2c362fb71df7c4a10c2b09d62860_NeikiAnalytics.dll
- Size: 250KB
- MD5: 655d2c362fb71df7c4a10c2b09d62860
- SHA1: 23bdc23126851f2faf6237c97f94af984c5b5ec0
- SHA256: edae94fdfce2fa81b2f18f097d8e36493f8e2342bcd21b9adbf4a0686260e6f0
- SHA512: dfdb4bc7095dbfba8b7e9df8fd103314a35d8967909d9445b3afc587aca41c55de270f71c1441277467ca95bbb10cae0d9fbee92fa8a52790dc97213918405f5
- SSDEEP: 6144:HmSjo8fmOi5INzDoM6uEGu6xK4RScrqqpPxFGUHzMcD:Hm2ROOi5ICM68bxPRScrqsx8U9

Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 3740 wrote to memory of 404 | 3740 | rundll32.exe | 82
  PID 3740 wrote to memory of 404 | 3740 | rundll32.exe | 82
  PID 3740 wrote to memory of 404 | 3740 | rundll32.exe | 82
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\655d2c362fb71df7c4a10c2b09d62860_NeikiAnalytics.dll,#11
  - Suspicious use of WriteProcessMemory
  PID: 3740
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\655d2c362fb71df7c4a10c2b09d62860_NeikiAnalytics.dll,#12
    PID: 404