340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e

Analysis

max time kernel
121s
max time network
128s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 04:04

Target

340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe
Size

202KB
MD5

ec1edc1b17a8f32349f3338bba1bd6e0
SHA1

c83d371cacf6f923df89183cde8865ec2aa94de3
SHA256

340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e
SHA512

0675db4a1bc1708572348dd14782d6e9f322c66994594106948710fb2b2de96ae672597544c4d335076a16d6c96663a826f6986089c074c912dc9a59c7590139
SSDEEP

3072:Ntfuu+863O6ua50MhTfvNBF/BvhEY+YXUs/4nZq+4COXHLQmAZCH22Kh13IHGtaV:o3+oF/r7/Mj4NQSWrhSHqpLGNrP

Score

7^/10

Deletes itself 1 IoCs

pid	Process
3052	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe

Executes dropped EXE 1 IoCs

pid	Process
3052	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe

Loads dropped DLL 1 IoCs

pid	Process
2452	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2452	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
3052	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2452 wrote to memory of 3052	2452	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe	29
PID 2452 wrote to memory of 3052	2452	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe	29
PID 2452 wrote to memory of 3052	2452	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe	29
PID 2452 wrote to memory of 3052	2452	340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe	29

\Users\Admin\AppData\Local\Temp\340974725bd95efd1a82d2b7307e363979691f12dad7085dd9e77f759508ac2e_NeikiAnalytics.exe

Filesize
202KB

MD5
3934d263c1f528b3e8b779f74125713f

SHA1
46c9de2abf4dc634167cc4e8b0cdfa75a7a87401

SHA256
08f8da917ea92bd64a24244f68a10381dcd025477e058aa365658924ab09d36c

SHA512
cb0f8faa404e9ef5431ebeae10e8cca325546c4331fd95fa151594b91d70e62eed0c8c1dbf670fa82a07a16ac3cf625d418959f01e291fddded7019f0cafc8db

Download Submit
memory/2452-0-0x0000000000400000-0x000000000043E000-memory.dmp

Filesize
248KB

Download
memory/2452-6-0x0000000000130000-0x000000000016E000-memory.dmp

Filesize
248KB

Download
memory/2452-10-0x0000000000400000-0x000000000043E000-memory.dmp

Filesize
248KB

Download
memory/3052-12-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/3052-17-0x0000000000400000-0x000000000043E000-memory.dmp

Filesize
248KB

Download
memory/3052-16-0x0000000000170000-0x00000000001AE000-memory.dmp

Filesize
248KB

Download