3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 07:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Size

36KB
MD5

6deea670b24afba0d81d343f20017100
SHA1

fdf7c3a925e6fc23b3a0b0b2a51b77825897d050
SHA256

3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6
SHA512

1ee3253dadfcadb2c94f3d62fc7e671e533a4ec6e79eb37f44daed72e872caf075c7a911c9f50426bc86800e86c6043270608bb096035ab73f46cc8355976bad
SSDEEP

384:qs49XdFS4yATBod+ucZ8n6xV8X6w5z0KK+bgcED/WyQip1v:qsAtFeAw8Z8n6xV8Xr10mgceBhH

Score

1^/10

Malware Config

Signatures

Modifies registry class 61 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\TypeLib\Version = "3.0"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ProxyStubClsid\ = "{00020420-0000-0000-C000-000000000046}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\FLAGS	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ProxyStubClsid32	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\0\win32	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ = "_clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\TypeLib\ = "{45328323-8E78-463D-B10F-A9AA8BAC0A58}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\LocalServer32	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\TypeLib	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\Programmable	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\0\win32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\TypeLib	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\FLAGS\ = "0"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\TypeLib\ = "{45328323-8E78-463D-B10F-A9AA8BAC0A58}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\ProgID	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\TypeLib\ = "{45328323-8E78-463D-B10F-A9AA8BAC0A58}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\HELPDIR\ = "C:\\Users\\Admin\\AppData\\Local\\Temp"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\ = "NetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\TypeLib	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\TypeLib	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\ProgID\ = "NetData.clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\NetData.clsNetData\Clsid	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ProxyStubClsid	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ProxyStubClsid	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ProxyStubClsid32	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\TypeLib	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\ = "NetData.clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ = "__clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ProxyStubClsid32	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\Implemented Categories	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\TypeLib\ = "{45328323-8E78-463D-B10F-A9AA8BAC0A58}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\VERSION	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\NetData.clsNetData\ = "NetData.clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ = "clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ = "clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ = "_clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\TypeLib\Version = "3.0"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ProxyStubClsid\ = "{00020424-0000-0000-C000-000000000046}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\LocalServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\NetData.clsNetData\Clsid\ = "{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\0	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\TypeLib\ = "{45328323-8E78-463D-B10F-A9AA8BAC0A58}"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\TypeLib\Version = "3.0"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\NetData.clsNetData	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TYPELIB\{45328323-8E78-463D-B10F-A9AA8BAC0A58}\3.0\HELPDIR	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\TypeLib\Version = "3.0"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C343729E-8BEB-4D4B-9C0F-83A4E9A94431}\VERSION\ = "3.0"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9C4827C4-AA25-4662-A7A0-0DE93B895F67}\ProxyStubClsid32	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}\ = "__clsNetData"	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CEE1F6B8-C6C3-40DC-BE5B-E871D7ADAD71}	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2016	3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3f39035bb9dd303d92ba8a4fef2ab7d4af2c1ea60d00bdd4cbc48c411372d4a6_NeikiAnalytics.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2016

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads