3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 06:56

Target

3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe
Size

190KB
MD5

d8975e889ff3de0198d51073e078fcf0
SHA1

89097e626ed42e40b1fc4727e9b97c6b09f91b95
SHA256

3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc
SHA512

c05cce857e412847cb78afa6d93d114b9a4c5e28fcfed344eecb9d60331668885364159fca279d7de2ee138fd2b0a4d76bfe4023ebf7bbd028aebc7dfbd2fd34
SSDEEP

3072:tsIFsptFF2ucDWxQQ0pAk5c/DUKxtJ2dRr9Jv8VjqYZmv96r:Sisj72xWWQ/Qc/ttYdTJvgG9M

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2904	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe

Executes dropped EXE 1 IoCs

pid	Process
2904	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe

Loads dropped DLL 1 IoCs

pid	Process
2912	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2912	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2904	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2912 wrote to memory of 2904	2912	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe	29
PID 2912 wrote to memory of 2904	2912	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe	29
PID 2912 wrote to memory of 2904	2912	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe	29
PID 2912 wrote to memory of 2904	2912	3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe	29

\Users\Admin\AppData\Local\Temp\3dc2a7d658659c2eadfb7d79ecb1a46a02fcaedec8b35f4fb16266245d6466dc_NeikiAnalytics.exe

Filesize
190KB

MD5
c30830ef5eba42f1894a38db3ac2f22b

SHA1
5e3c199eca9060ab6ecb21a55fb5c7f3d5ab3845

SHA256
7b9b160fa8c59f674bde311ec3ee4e3492b6bdd57277642ad3c7603cae8f17a7

SHA512
d3ac313b47d29c3ae38e5042b59f916fb106447101db7b5952963d5f6a8b40c48c16ca6b710c50b70870f8c795a053fb018fdf5014fc1eb4cbdd22a30dd50542

Download Submit
memory/2904-12-0x0000000000400000-0x0000000000437000-memory.dmp

Filesize
220KB

Download
memory/2904-13-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/2904-18-0x0000000000130000-0x0000000000167000-memory.dmp

Filesize
220KB

Download
memory/2912-0-0x0000000000400000-0x0000000000437000-memory.dmp

Filesize
220KB

Download
memory/2912-5-0x00000000001C0000-0x00000000001F7000-memory.dmp

Filesize
220KB

Download
memory/2912-11-0x0000000000400000-0x0000000000437000-memory.dmp

Filesize
220KB

Download