4af4562e5e3784c1e8b48200af3d84c0a48c405270369c8647483f3c9d295600

Analysis

max time kernel
51s
max time network
51s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17/06/2024, 05:56

Target

551aaa4bbc228f1cebc5e4058e038b50_NeikiAnalytics.dll
Size

6KB
MD5

551aaa4bbc228f1cebc5e4058e038b50
SHA1

45821d6ebd4fadb4d7a41a5fbc0b7de71d17be5f
SHA256

4af4562e5e3784c1e8b48200af3d84c0a48c405270369c8647483f3c9d295600
SHA512

c580dc71ebf80cfe3a968b8d6d49ca0711d0789c6b5437bf82ddb46ed186cded05b843fa832e3fc19baf6649f8d575de7d9de862d95e867a3402d2beb53a6304
SSDEEP

96:DixZjmjtjd8jPjcZGR5TI6yh0+lwxl+Cxx+gw+sFxejx9SMR:unSR6bgYOh0+lwCCqusFkjf

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4732 wrote to memory of 376	4732	rundll32.exe	82
PID 4732 wrote to memory of 376	4732	rundll32.exe	82
PID 4732 wrote to memory of 376	4732	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\551aaa4bbc228f1cebc5e4058e038b50_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4732
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\551aaa4bbc228f1cebc5e4058e038b50_NeikiAnalytics.dll,#1
  2⤵
  PID:376