Overview

overview

5

Static

static

3

8b6979bd5f...cs.exe

windows7-x64

5

8b6979bd5f...cs.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    29-06-2024 08:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b6979bd5f32608acfe0f8e38ec3f7af4e93e8c5c60e6d668e1a42e75cfbd75b_NeikiAnalytics.exe

  • Size

    702KB

  • MD5

    ffc62e3a51d6dd152a859d7d6b06e8b0

  • SHA1

    bd8ffbfb77c0a80c648ba50ff898d6dc45ac1e1c

  • SHA256

    8b6979bd5f32608acfe0f8e38ec3f7af4e93e8c5c60e6d668e1a42e75cfbd75b

  • SHA512

    7a8942adf2e58e4057fc9eb839cdbdd5730a83f7a90ce02f8ba0dd4ca2f2112373b1b8980d1fd1502f6c4ae8d7a67e956a8fffe40d6c6e922308632be3c34d1c

  • SSDEEP

    12288:OSYFz/TklUYxVtECnc19+3Aq4OKFeT62T1wBSNKKv/LNsdDusb0zGq0wT:eFj0UYxH5nczaKg+aTTsdVbqd0wT

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b6979bd5f32608acfe0f8e38ec3f7af4e93e8c5c60e6d668e1a42e75cfbd75b_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\8b6979bd5f32608acfe0f8e38ec3f7af4e93e8c5c60e6d668e1a42e75cfbd75b_NeikiAnalytics.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2108-0-0x0000000000400000-0x00000000004B6000-memory.dmp

    Filesize

    728KB

    Download

  • memory/2108-1-0x0000000001CF0000-0x0000000001D57000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2108-7-0x0000000001CF0000-0x0000000001D57000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2108-6-0x0000000001CF0000-0x0000000001D57000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2108-11-0x0000000000400000-0x00000000004B6000-memory.dmp

    Filesize

    728KB

    Download