Analysis
-
max time kernel
120s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
-
submitted
01-07-2024 04:20
General
-
Target
34e9f3c08aadc5dfb0b1162a45ccb0c0740ff5b54d97459a29667f3a010e89d7_NeikiAnalytics.exe
-
Size
285KB
-
MD5
4f79eb4998bc00a54f086fdcb36bb730
-
SHA1
73a77f9897d2dde4b6db0cbf6c1138d130003daf
-
SHA256
34e9f3c08aadc5dfb0b1162a45ccb0c0740ff5b54d97459a29667f3a010e89d7
-
SHA512
643d12961e54db499e3d266194898e5f4abc9e2ee28be9515a0792167a30f10d52109d5ad5ca1b79c11897556f956a49d8f6864ca27bb2607551d3d78f50d883
-
SSDEEP
6144:wBlkZvaF4NTBh1KDeEVsVLfB42pivkcsvieGRda9M3FkIurm3mN:woSWNTLmeEIpi9svie5W3cB
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\34e9f3c08aadc5dfb0b1162a45ccb0c0740ff5b54d97459a29667f3a010e89d7_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\34e9f3c08aadc5dfb0b1162a45ccb0c0740ff5b54d97459a29667f3a010e89d7_NeikiAnalytics.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\5E36.tmp\5E37.tmp\5E38.bat C:\Users\Admin\AppData\Local\Temp\34e9f3c08aadc5dfb0b1162a45ccb0c0740ff5b54d97459a29667f3a010e89d7_NeikiAnalytics.exe"2⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
196KB
MD505d1537baed3b9cc2bdb19f7676ef6ba
SHA17fd0fa6673f9630e6f84ecbb117bda987a9080ed
SHA2569c9cb5d0a3b646cf36b14073b0590309ede573159f254d4866bf30d196cd6396
SHA512fe5bf23c378ea420d51066ea5d21f8788b5c6a14db35b83ec825849a566dfa6298366b673840cd71f584dc2568d267d8835dcc530e64f50d8f9272714293d7f6