Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
26/06/2024, 00:56
General
-
Target
2fd182f83cf9692e478c1b2f7c626682b116e86d9a3f4ad7613957ac087bd080_NeikiAnalytics.exe
-
Size
110KB
-
MD5
061632f84873fbc0547b7f2e9641ae30
-
SHA1
5a56c16845b081e56b8173ca5e8a4805819f4f98
-
SHA256
2fd182f83cf9692e478c1b2f7c626682b116e86d9a3f4ad7613957ac087bd080
-
SHA512
4a62074aa2ff4758917a046e1f9244a6d6104254f10ed55a63588fa68f1c605adea57f31bbdac13173354e27c8c0d8cd0614a1012f70c4b333250dce76354c07
-
SSDEEP
1536:z7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfqw6ESXbdZSIfxNF:v7DhdC6kzWypvaQ0FxyNTBfqREyn7fxL
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2fd182f83cf9692e478c1b2f7c626682b116e86d9a3f4ad7613957ac087bd080_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\2fd182f83cf9692e478c1b2f7c626682b116e86d9a3f4ad7613957ac087bd080_NeikiAnalytics.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\3A88.tmp\3A89.tmp\3A8A.bat C:\Users\Admin\AppData\Local\Temp\2fd182f83cf9692e478c1b2f7c626682b116e86d9a3f4ad7613957ac087bd080_NeikiAnalytics.exe"2⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14KB
MD5877e46528cf82f88cc4ec6a51a3978f2
SHA1efdb7ede68e92cb2b303ad8c4f9ef65b603a508a
SHA256ada81a4694e41218a04b7462c0d1ad251ec175522eff4d96fa212f0e58395e7e
SHA512b08ec92ca15fd9103b338de562752746594a80da08f5897faf94dd9dfddf47124b64101dafd6bd374234febd2e16243a284b2b17c50cfe54e3353cffbceed200