e845f93bd9c5214c0083790feec113fc3c6e9be16c2690681550ec7aa23f8b50

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
17-06-2024 09:22

Target

724de89e410514d245f2930b1629c560_NeikiAnalytics.dll
Size

3.7MB
MD5

724de89e410514d245f2930b1629c560
SHA1

3e2e552607a614f9cf5608a31841c57982c1cc6f
SHA256

e845f93bd9c5214c0083790feec113fc3c6e9be16c2690681550ec7aa23f8b50
SHA512

40f49d46e40a254bc2828f8630d27ac8d8db3a274130e1792936deb215b82cda569c2202df6e36ae5b04c2e73edcd4dd5b1f112241ba526ae79d5492f3bac9a5
SSDEEP

49152:bJjoewSs1FjgWocNa2uKHVspcAjc0Y46Y4ByQ04x9oZNxmpfsqcAmaUjSagBlwwc:tM7TyQ0UUwUclp++EbaY

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 2216	2208	rundll32.exe	28
PID 2208 wrote to memory of 2216	2208	rundll32.exe	28
PID 2208 wrote to memory of 2216	2208	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\724de89e410514d245f2930b1629c560_NeikiAnalytics.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2208 -s 188
  2⤵
  PID:2216