Overview

overview

7

Static

static

7

4554c8321c...cs.exe

windows7-x64

7

4554c8321c...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 07:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4554c8321c58af4cf5492a1400c9666bedd91a645c095a5434d7b57d1fd41f5e_NeikiAnalytics.exe

  • Size

    8.7MB

  • MD5

    8b55415ba7b8dc6057f052a8426e08e0

  • SHA1

    6a6005ece2dd2c1ecaceabbeb8017953f4c4035a

  • SHA256

    4554c8321c58af4cf5492a1400c9666bedd91a645c095a5434d7b57d1fd41f5e

  • SHA512

    ef50b627f247dcd374f2be3c73c650fdbdfacbae6dd7e2592a8fcce6de17329d24389dcbde8d57476602f4a1bc0d05739f250561e35a70483fb546c060204621

  • SSDEEP

    98304:+22222222222222222222222222222222222222222225:x

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4554c8321c58af4cf5492a1400c9666bedd91a645c095a5434d7b57d1fd41f5e_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4554c8321c58af4cf5492a1400c9666bedd91a645c095a5434d7b57d1fd41f5e_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    PID:2176
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:2556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.1MB

    MD5

    653fe5c8942c754fd83df4e6f60d564f

    SHA1

    5f24a17ae549af4a22e736cb14cfbaaef9537983

    SHA256

    d2c013a0dff42837725914ba517290b25d9a8614d36683b529ca1c84e47f2b03

    SHA512

    979f28396431a4215489dc8c324cd4925806bc972adebc164e7801a3ac146ebf0d4981dd31b18c14d8a1f37b55eb7c7380e50dc6013f3ecabcc79231a8f09409

    Download Submit

  • memory/2176-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2176-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2176-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2176-8-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2556-5-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2556-7-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download