Analysis
-
max time kernel
118s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
14-06-2024 07:50
Behavioral task
behavioral1
Sample
ae69e88aec585475b2cb6aaaf0c08a80_NeikiAnalytics.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ae69e88aec585475b2cb6aaaf0c08a80_NeikiAnalytics.pdf
Resource
win10v2004-20240508-en
General
-
Target
ae69e88aec585475b2cb6aaaf0c08a80_NeikiAnalytics.pdf
-
Size
79KB
-
MD5
ae69e88aec585475b2cb6aaaf0c08a80
-
SHA1
791da7dd1cf1935816865d48bd02cfc2a87acf89
-
SHA256
8839be2fcbfbe08c6ea2dc9ae6812e9848a6b1e7cf81f7d14eb5ac70e4cb8154
-
SHA512
83d1f29ac31413d31c7eb4ca42c4c72646d14e309fc2dca6492536ee6763197b3081cf8fe1952b40d82e56c7db5466a23bbbc3fcf0dd204831a40d09bef96a8b
-
SSDEEP
1536:GA79uQvBjnA/4lxiujBXtsKDzCpiMh13b7QnBSFqqQAU3jDWC9mnPZG:m8BjA/4lv1zDzCsMh1LEnBwQAqWBE
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2968 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 2968 AcroRd32.exe 2968 AcroRd32.exe 2968 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ae69e88aec585475b2cb6aaaf0c08a80_NeikiAnalytics.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2968
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51ecd922da15d644a4ce19b2fc07fca14
SHA14d66a7d7620705ff1f50531ffa1de1e2e4987be9
SHA2560ad0b0261c39ad9202637cf56950ebd68838282ae5e53872a15a18e74a2bc72a
SHA512305b1ec86ba8e6a10bb523382363bb8e398efa1b0553741e5d828aee01e0e859a5a2179abbb90529724f7cbcde4150e46c910657c8d357d726d6dd1121ca4444