493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 10:03

Target

493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe
Size

412KB
MD5

2d3d4a6c857eccdb96c8133d1a423620
SHA1

2eefb03d0bff3d2a70b061c140d212e92d053107
SHA256

493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36
SHA512

617fff7e9b96859b354a81633528c7176b7cb324200698add502f04d081e59f13a8ea2bade3888fc68c21ffc17ad3e30a52493141b7c83c046a740c650b1de83
SSDEEP

12288:DeQikqv1PaCm29pF+RbGmN9+OGzSpKEWsrlVk3HTREacg4Clr3:1qaCmtbGmN9+OGzSpKEWsrlVk3HTREa7

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2212	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe

Executes dropped EXE 1 IoCs

pid	Process
2212	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe

Loads dropped DLL 1 IoCs

pid	Process
1028	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
1028	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2212	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1028 wrote to memory of 2212	1028	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe	29
PID 1028 wrote to memory of 2212	1028	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe	29
PID 1028 wrote to memory of 2212	1028	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe	29
PID 1028 wrote to memory of 2212	1028	493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe	29

\Users\Admin\AppData\Local\Temp\493d02d14d92fb5825701fd358c6f7fed33d9a6ce0a713f50216aebd62b11b36_NeikiAnalytics.exe

Filesize
412KB

MD5
ca6f1f6b245f30826e805500c548790a

SHA1
58518d9150efdad8ecf68344e314e609d12e5f40

SHA256
1f79266b238f0796f3854a88181ed479f2ec300b182a425c8c4551e6fb8e1274

SHA512
3aa81fa91b691d4f6afe79007049c5674aa510b789dab72f03aa2d542de2b40d498bd8b25c2c52d08721dbadbaa39f3350ae435d40ad874ba19f27fcf5dcb176

Download Submit
memory/1028-0-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/1028-8-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/2212-10-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/2212-16-0x0000000000130000-0x0000000000169000-memory.dmp

Filesize
228KB

Download
memory/2212-11-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download