Overview

overview

7

Static

static

1

1013dce459...cs.exe

windows7-x64

1

1013dce459...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    24-06-2024 23:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1013dce4599a22213701ced317819b275b73341369bbaeb72172751326581bd1_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    6073fb93f34c45ba47d81a52dfc95930

  • SHA1

    ede4366152d7c2f29a7776807f8819a5a9ac50df

  • SHA256

    1013dce4599a22213701ced317819b275b73341369bbaeb72172751326581bd1

  • SHA512

    3350fae1d5517ff9e3c7e73b1ae6b391ecfb44178ba3c05cb3cbbf3074f292a3162c6915c173632c9f33160c1b1fe08b4f0307a2d07c8877435c51f866a9a825

  • SSDEEP

    768:QtqMwjf/ugo+z1767yotAfjFuYwJCu12JglzXxDIIIIIIIIIIRIIIIIIIIIIIII2:NDxJ0Nmfg7JBx8to+zTRiD3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 62 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1013dce4599a22213701ced317819b275b73341369bbaeb72172751326581bd1_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1013dce4599a22213701ced317819b275b73341369bbaeb72172751326581bd1_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://java.com/download
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2300
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2300 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    476ad00395e260dd23621d2d0a014186

    SHA1

    7246bf72388062c56e61deff5f684daa89ad8498

    SHA256

    4e3a85fec1d9b5bbc76e7190e2cda3b89d2cd3dafc5dc1f752a8671ecaf70d38

    SHA512

    229a97b977c545f02c5b44b9c0c94730e2dc088a48e5a8a2ae7386b75db08b0108cc816d1a19ba8cdcd7fe73071ac8bb08f098bb1384a5c4b124868bb2b6f5c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    144ed90a2c0e74bd9711011e5a3aebc2

    SHA1

    977426aa87f3e5488f56257e5d7d492d1f786fea

    SHA256

    4374ccd05e7682cc1f471d2a0607289b11d860533cc7a3376a1a4420a9b4ed8f

    SHA512

    f5d4640fa3c65ae181df2ad42b36c5c7abf5b1cf84f9afb593092304ada5252cbd267288295ee799385a4e0885049697608de418390aa8718ab224bce0f758be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1de5184cc134b45691a24995614785d8

    SHA1

    7509735020652a09e65c0e62b7bfa9262fd64439

    SHA256

    ae6f76565566edb5601a94f5bb8ea6c30be4c473f393cf981d27c5ad58288317

    SHA512

    8f717bc05a460a7453210c8b848d17a525a75fd17443f7fbd15152f57e802ec34c994b76c586fbefc795286eb5f4bd2e12250798ef1a827420f32b4f4589af12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    901c6162d56bc060eafcf230f9218fcf

    SHA1

    0ac0a0d1765f27ec7e47210f4614e310725ffb21

    SHA256

    a7637a0a2165e83585ea107248e20ed1dfa3e09921c44ea9807183fb6746d97d

    SHA512

    dc3f94dd6cee991e046dc461db534eb56102f5993b594f0c3d0f181b0163d4f8f7771ef8e51e825a93faacc6557afaaed760087ca7a9c44d82379b97315af2ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59b203fd4d81b3f76ec90790a9203e6e

    SHA1

    46c989f54ece1676d40a43bff4ca74143e14de22

    SHA256

    c9f6eb65f7894ee123f0925ad68e93dccec58f90670a3c6716595b5239c70eb3

    SHA512

    8ce62fd6a9327edeff6ed227cb94593747caefdca5aca6a92c24bad667e9c6a32d84bbc38374ab7adbfd6adb4ece0a572bc1e9d98eb20e47413162ef37698c64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b23c648311d69efd34fca5525ab5232

    SHA1

    d8c307b307c1920c42795d83c7669fc3f108343b

    SHA256

    ea645c8a37ed96063ebd1c650d506d1d8fd4e6408b5c72a5b130a99e5a0ea441

    SHA512

    04d642d93ba3793b7a0b02cfe356cb5332e2003d91760b40b96105426c0a67a1f03b8875f43600bd85676f3edab8b14c80e5ef3197b6322f3dffe8775636017c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5a4d1a83fe79f1069a6d383bd35b4a2

    SHA1

    74363191c4a14e10b675fbf24a0ea92bdee528f5

    SHA256

    a66ce6e89b9dc072e57ede738c719382cf6344db567403dff8ec9a2cde2906ed

    SHA512

    26c1f5ea6b29bac0f5128b95dbc98fce66d22754a26e987374b2d6557bbb778fbe7e32d9296b98b856c089d510c193a4fe4b2f2e77a7f766fd3a899cded7e025

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d8ba9e034a800be71e096c4f4065afc

    SHA1

    83f0cb5e410c8b9f911c22159053efa37fa78f3c

    SHA256

    113438ca65cbc5ca46cb0cc70c7d819420008588a92dde87a0e2364cded84168

    SHA512

    2eed390e0bb7ff1b76317255dbc3f5c683328b296dfbc6eae23528377c26101c2f2d41a15aa78138a12b333a3fcc1a558b4790d4527f34e2075414f1a1adc2e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8a682c108504bff5c383f137178714a

    SHA1

    9feba9c3fce28a897d4d865b6f93c99f29f30134

    SHA256

    b831eecbcc101f35aae7d38bc146e801699d6d71d3bfce06d03a1e9aa1a2ceb3

    SHA512

    1937fb4a0d8a09ce50d3852feb3b7f266bb2932dc22f1f08217343d3257ae126cd7b0068919f8cbe7d19bca0f843c32b5a4bb6820be24b4bffa517dfca89d51d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffd74f919ec9135ea8a45dafbf4c32dd

    SHA1

    f2f604f612d111effdc75bbade7b9db0f45c02c0

    SHA256

    1fbf90660018334608fb4f24542c06cb021b6eb1aa0ed5ad9b39a82db13c8737

    SHA512

    6032cf0a152dd869d16cafe17efa76250fc522fed5e2f18ffaab079b936511325b7169d5b8f35d0b18566dac56aa1f365a9a523bdc850c319db302f2200cf593

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1006bf478b77ea7ceebd1787d572b74f

    SHA1

    53a23dc7001ebb6e3131984caf186aa5f3968002

    SHA256

    93aa41ef3aa1ad7ed0f25dbe701154ba2ba86a692a1e5ef44ed79a097466950c

    SHA512

    0015d5d17c84ce46a7a3d51ad8cb9040090c3347107143d863b412892a1eaa6981465c868b1b6cee9fd1b4fb56228f6ac62dbdf1415c660c93b3f8cb93e45d52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ede60f33b0e76bcc8445861c77f2717e

    SHA1

    847aae80d269217132d20d35b104e4769b674591

    SHA256

    9dd76f439958977001937dc528ce0143ee18234bcd0543f0538aa6c134d7d96d

    SHA512

    ef5a70c76410e9a98a25a55185ebb80bad12f009e87ce05fd3672b1517fe3754748bdbc62fddcab681aebfb9fd7953f4fc03c5ed4c0596b2f7ff70edc1edb1d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2bea1920dc84bab2a776a25ffc16f1b8

    SHA1

    cd3e5e6b9999760fe0faadd9abdcc9241cfa4e65

    SHA256

    ce45272a8ef89417a48890971a46fd90b78834b5c4d9df86c002789dcbb4fdb4

    SHA512

    f8cadbc46f1e20a1e502e2ddee963e735cc74f435242e57a7c7352e0e03606e38097c8eb6dea3e29a5b6b633ddf56ce2dc489877bb91dabf52fb939c91d7b264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f65cb75ad10cd8ba6178b58e3a962a87

    SHA1

    97bee1d95f93e685d123d58e2ee5f50e0be5d05c

    SHA256

    6d9042d6db9c2e246eae90c58fc40be2478a76c863473411db9cfb6f982389dc

    SHA512

    027d7fd8841087bdcd18fb1d1482762578e6ccff4689cefeb01633dcac1b32693aa2f35994e6ebbbb11830149ce852d90ec263adbd2821b97962abf3b627d100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d243be79b8ad8c6c4894b404edebbc53

    SHA1

    a2611f791fca16f05a53264273167b32f62f2dd3

    SHA256

    db90e59a6f8084a0941aaedabdd8e17f99552d7e49f0c42a27c70639db548fe4

    SHA512

    bd5bfd79f6d8d3829ebef72cfa69c920a0541f3258f403c98679a1880ca726a094f798d48a0076a88f69f1e94d8b2522c566806e4a59fc2b0fb82d3870dd85ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00b08a7e6f36a5f97cb6e45d6d5ac6c2

    SHA1

    71a4ed24eb6250813a001866f484a42475c8d822

    SHA256

    a79cb97c3283e90d0619c5bb4344d0881607fddb6ec5b5570e42849f6ed04167

    SHA512

    d0e237118fd2a4f4f9bb58438172e7b29e0fe0b82e69b412da79f1b69b921eaf92236c155ffd07026639c2fab257a755a652acb6fe484f3499e6e04d24932796

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bea83eb386897bbee3e4f3a2f25fd004

    SHA1

    99430fd23b7f43acb7b58d41435ab7d83d38c8e7

    SHA256

    aadc9fb8ba1459ff1111c999b08de85ed0dcb7d8ebc29cad1494096d24f0810d

    SHA512

    90695d5b4a6649785f4ea5844f47726d9aeb97a0dcc8de0fdb74aaf763c487ce0ce1e1131e51449de043e77ff045de6e145684ec2e65f63ac9d0224a3f09c592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    817273570d070421c88945fb8a6ea504

    SHA1

    0d87119cae9b4ccb94f16afb85ef94d0f34b694f

    SHA256

    4e95d28b43e65e83960262262d5feed59c1a4ca3a7dda88bce9691272ed3b110

    SHA512

    b0985a322d39a4d708b79b7dadfbab80bd0e1cacfa0f558c104822950031e3ee980b760c9f1739bf88f28516454950dc0c7516abaa6ac2207b73e0388c6ce42d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e27256e706260d0de693e7ace6501c2b

    SHA1

    cfd40bd7e49d9cb1997c5ade4f33a29cf3c4732a

    SHA256

    57f065991324f396bf7bceedec94503d0b5361671ac056bdad0b2025d31d61ac

    SHA512

    693aab65053f05ead4361dd8b6e3c639b7065c36977e4c2acc959e36e3758853d450e8e6f81e8a674d3aaf748a99c7a737447c62b8311a80d630bc09b9ebb76a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4706033c5654a9b9f9b6d8b81c15f501

    SHA1

    b91016330f7bfecd39a72cf3f1c346306ffba337

    SHA256

    8004b792ddd8c07ce1509e537e8a8a7e9689437d28125f594ad9fcdd54fda6e2

    SHA512

    2adf37f7de63c555c04fb3e3e0f27a570a4f4bc01d80c023111aa979553c650a2a276ca611c445829f949ed32424d7dfe8df0797cdddd12e3af8df4eb075eee9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afc3fc64aad6c33517053e5466028a4d

    SHA1

    e05105ff39633a764576c462c6fdfd46715c5837

    SHA256

    30247750854fab5938d57decd299c3a2e61269650407727c1e3bb5a118d3e073

    SHA512

    ce2ca61b239f1243062ce3dba7d5b33c747847fb58d1c079b26129c6559449bbe7de2babe605d8da08fde0a81a35d7623c4cc78fef14470ffeef4f20a0cd5bc4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3C93DEPE\www.java[1].xml
    Filesize

    398B

    MD5

    3f6f9f04197de9a2b973d7a8faa467dd

    SHA1

    a363c733599b6ba17d490635830a26cd646d6013

    SHA256

    0850cc1ec23138aaae477bab8737e02e4cddb01977840a3c17b598cc27c3954f

    SHA512

    e5807fe0b43717723a299ba2f4fa3289b843cb526979ab5b752a8b16044a297a048516ea3a6b81bc66cd24bf625a855d3840e9b5b500d66aa866faf38e6e4e1d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3C93DEPE\www.java[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\9yhbznx\imagestore.dat
    Filesize

    1KB

    MD5

    c3cbe7338c8aef3f88981ab02d773678

    SHA1

    2d22cfe87eff5eb96ed306b809ca7b5af0abe64c

    SHA256

    07893aba0e94c2b759c9603f131bfc5e6de09d4641c3fa252e2097eb5b99f38a

    SHA512

    51e3631ecf4ac570119470d4b1263979c591189f3860d51f45a7c110e6990576d86284dd781ab5084ed1a97c39fcead30056d32b44c30e60162dbfd607c90d16

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DODQ7AEY\favicon[1].ico
    Filesize

    1KB

    MD5

    8e39f067cc4f41898ef342843171d58a

    SHA1

    ab19e81ce8ccb35b81bf2600d85c659e78e5c880

    SHA256

    872bad18b566b0833d6b496477daab46763cf8bdec342d34ac310c3ac045cefd

    SHA512

    47cd7f4ce8fcf0fc56b6ffe50450c8c5f71e3c379ecfcfd488d904d85ed90b4a8dafa335d0e9ca92e85b02b7111c9d75205d12073253eed681868e2a46c64890

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2760.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2761.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2208-0-0x0000000000400000-0x0000000000421000-memory.dmp

    Filesize

    132KB

    Download