14938726563f4377711bc09ad04366a1c5db3196ec89699f09f50f33d03fa3b8

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 20:43

Target

14938726563f4377711bc09ad04366a1c5db3196ec89699f09f50f33d03fa3b8_NeikiAnalytics.exe
Size

702KB
MD5

128ef36956dfe2ad18bee6f6b1e1bc40
SHA1

5721bea9735e55f9689c3f63d1c92f1deb160987
SHA256

14938726563f4377711bc09ad04366a1c5db3196ec89699f09f50f33d03fa3b8
SHA512

fcf066cfd2e49229da9a54cd3e2da74abfe98caf855701d5367f66345ad9932a1686121f2331c064470b8935383193a7433af7d5439d12fbcc32768bdc2876a0
SSDEEP

12288:fSYFz/TR3F4SOpFjn04R4gq4HSUQH4WT65RShG605414IQanx8/6:HFjlV49pFT0SLTQYWkK2u4dax8C

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2844	14938726563f4377711bc09ad04366a1c5db3196ec89699f09f50f33d03fa3b8_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\14938726563f4377711bc09ad04366a1c5db3196ec89699f09f50f33d03fa3b8_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\14938726563f4377711bc09ad04366a1c5db3196ec89699f09f50f33d03fa3b8_NeikiAnalytics.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2844

memory/2844-0-0x0000000000400000-0x00000000004B6000-memory.dmp

Filesize
728KB

Download
memory/2844-1-0x00000000004C0000-0x0000000000527000-memory.dmp

Filesize
412KB

Download
memory/2844-8-0x00000000004C0000-0x0000000000527000-memory.dmp

Filesize
412KB

Download
memory/2844-11-0x0000000000400000-0x00000000004B6000-memory.dmp

Filesize
728KB

Download