450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 01:27

Target

450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe
Size

213KB
MD5

1322871d37c57d4f41901b3c5264d990
SHA1

8bb0651841d8c5b6465869f58c2bb2a25f5e9bed
SHA256

450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a
SHA512

3334d5b27547ab1753695cf82269a0c5b5f5e01ece1fc5815ab0446c022d63d40390f669fbc8cd6e1e6d662b5568958f22d1f6327209c72594d782e9e5193167
SSDEEP

6144:RSg0EugnEUCneJW/KDj5+HqBUdgS7tDH0:RShHUCnUTMlJDH0

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2176	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe

Executes dropped EXE 1 IoCs

pid	Process
2176	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe

Loads dropped DLL 1 IoCs

pid	Process
1848	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
1848	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2176	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1848 wrote to memory of 2176	1848	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe	29
PID 1848 wrote to memory of 2176	1848	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe	29
PID 1848 wrote to memory of 2176	1848	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe	29
PID 1848 wrote to memory of 2176	1848	450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe	29

C:\Users\Admin\AppData\Local\Temp\450f56f1755f9cabcda4485bdfc2481ad62f87f5e07cf9302cb7c7776f09134a_NeikiAnalytics.exe

Filesize
213KB

MD5
1cff0143aa49aa7a202ef72632833cd0

SHA1
6fa43003a885a2e8b410fb21ab2b749154e3a2a8

SHA256
6844c30ad1d532f373b9a565d0cf482f4096d066383e56330cf55dbee4320e75

SHA512
408b085a53713f730e417632e1cee6472ee0b9da7e121241a369a574a81402692cb978cb75b1c0acacb5c5b5ad8d3d6083e11177576ce3eb276460612747e279

Download Submit
memory/1848-0-0x0000000000400000-0x0000000000441000-memory.dmp

Filesize
260KB

Download
memory/1848-9-0x0000000000400000-0x0000000000441000-memory.dmp

Filesize
260KB

Download
memory/2176-10-0x0000000000400000-0x0000000000441000-memory.dmp

Filesize
260KB

Download
memory/2176-11-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/2176-16-0x0000000000300000-0x0000000000341000-memory.dmp

Filesize
260KB

Download