a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 17:06

Target

a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe
Size

92KB
MD5

9ebfc15c9f8544da6388ec5ee01e30b0
SHA1

b3d6b1334d9977a97317548f96b2ff3d5ad2976c
SHA256

a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe
SHA512

0c1618fa3ad47cd990cd7fc4a0af4ffc24c6a1dfa2fcdc6a42b3adaec31b82abe1d06f019a3bb21c52220f07d2089ee0cb52b65f4cffb0514367221ccd5acaf0
SSDEEP

1536:7tCuyO3FYMstPL54HbIeOOihbNtsqE7R82nH5+dqe7fGiFIX5tGqH3cPqHBKJhP9:7tCuyu6FwMelilNfE7S2nH5+dT7uiu5q

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2552	2024	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2024 wrote to memory of 2552	2024	a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe	28
PID 2024 wrote to memory of 2552	2024	a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe	28
PID 2024 wrote to memory of 2552	2024	a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe	28
PID 2024 wrote to memory of 2552	2024	a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe	28

C:\Users\Admin\AppData\Local\Temp\a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a2561116309a1a3889ca73e40beebbcea042783cc9e5e61e6c22d7291b8e94fe_NeikiAnalytics.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2024
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2024 -s 632
  2⤵
  - Program crash
  PID:2552

memory/2024-0-0x00000000745EE000-0x00000000745EF000-memory.dmp

Filesize
4KB

Download
memory/2024-1-0x0000000001370000-0x000000000138E000-memory.dmp

Filesize
120KB

Download
memory/2024-2-0x00000000745E0000-0x0000000074CCE000-memory.dmp

Filesize
6.9MB

Download
memory/2024-3-0x00000000745EE000-0x00000000745EF000-memory.dmp

Filesize
4KB

Download
memory/2024-4-0x00000000745E0000-0x0000000074CCE000-memory.dmp

Filesize
6.9MB

Download