Overview

overview

5

Static

static

3

2e488c4fe7...cs.exe

windows7-x64

5

2e488c4fe7...cs.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 04:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2e488c4fe772838523ef7e86a4583eee7047519947655289cd0d063b64aebb04_NeikiAnalytics.exe

  • Size

    702KB

  • MD5

    2a290f94606090f3ed1df2fa623ad990

  • SHA1

    228784f7b74d06d6d97ea2dda58a6846f96819a8

  • SHA256

    2e488c4fe772838523ef7e86a4583eee7047519947655289cd0d063b64aebb04

  • SHA512

    e0a096fa2b0a9247a2ce635b581007a11bec8e47285143ad881b9cc4db226778c4772f51cde03eee9dd06d5805448167c493fa77ec5382e4686b906d3e5e49e2

  • SSDEEP

    12288:eSYFz/TuGt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPh:OFjFt/sBlDqgZQd6XKtiMJYiPU

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e488c4fe772838523ef7e86a4583eee7047519947655289cd0d063b64aebb04_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\2e488c4fe772838523ef7e86a4583eee7047519947655289cd0d063b64aebb04_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2380

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2380-0-0x0000000000400000-0x00000000004B6000-memory.dmp

          Filesize

          728KB

          Download

        • memory/2380-8-0x00000000004C0000-0x0000000000527000-memory.dmp

          Filesize

          412KB

          Download

        • memory/2380-1-0x00000000004C0000-0x0000000000527000-memory.dmp

          Filesize

          412KB

          Download

        • memory/2380-11-0x0000000000400000-0x00000000004B6000-memory.dmp

          Filesize

          728KB

          Download