Overview

overview

7

Static

static

3

900d055004...cs.exe

windows7-x64

7

900d055004...cs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    51s
  • max time network
    51s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/06/2024, 16:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    900d05500458b09a5f6913843ea51e2c7df41730b93c7d2a51c7a396fa1c230e_NeikiAnalytics.exe

  • Size

    7.0MB

  • MD5

    900254c64e82fdfb0d50d2ecbdb40800

  • SHA1

    872afec2affa1d9bd3e41cb84cc45ae3ee42d270

  • SHA256

    900d05500458b09a5f6913843ea51e2c7df41730b93c7d2a51c7a396fa1c230e

  • SHA512

    9eb5294c2fc868114c12619f340efdd8c93a2f72cb0030c36ee68787609c4ebb64f9fd805c28580b1129107e7aa6a133217e4dc9476f9010da2b68d35a945c1d

  • SSDEEP

    98304:emhd1Uryeyw6dGBagHoV7wQqZUha5jtSyZIUbn:el1acHo2QbaZtliK

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\900d05500458b09a5f6913843ea51e2c7df41730b93c7d2a51c7a396fa1c230e_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\900d05500458b09a5f6913843ea51e2c7df41730b93c7d2a51c7a396fa1c230e_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4568
    • C:\Users\Admin\AppData\Local\Temp\490F.tmp
      "C:\Users\Admin\AppData\Local\Temp\490F.tmp" --splashC:\Users\Admin\AppData\Local\Temp\900d05500458b09a5f6913843ea51e2c7df41730b93c7d2a51c7a396fa1c230e_NeikiAnalytics.exe C924A1D8C1EF06CBBE72965E39685B819A4DDAF9176208659E17DDCC146582A45C19D1C89EB64F7D4137159105BA5CA5B4A2505DC8D6D42C74E078D1D2EF7553
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\490F.tmp
    Filesize

    7.0MB

    MD5

    9634082ec2f6c0af3e17a357d5be4dbc

    SHA1

    23e24c9679077ad628a8538c371237333def28f4

    SHA256

    424856e535f281fc6044d6a9e0b51ea2f1ce710526f47cfb5595e19b7d61ac2b

    SHA512

    23c8782d0d70885f5537b029ecc1554448ca8a2cb38425e8b9b998f5f9335c841b8ea0f667ce495a091c3397cca7aaa2c91efee9de81c74c60f858f9e7f562f6

    Download Submit

  • memory/836-5-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/4568-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download