Overview
overview
7Static
static
7nEO iMAGIN...es.dll
windows7-x64
3nEO iMAGIN...es.dll
windows10-2004-x64
3nEO iMAGIN...or.htm
windows7-x64
1nEO iMAGIN...or.htm
windows10-2004-x64
1nEO iMAGIN...or.htm
windows7-x64
1nEO iMAGIN...or.htm
windows10-2004-x64
1nEO iMAGING/IJL15.dll
windows7-x64
1nEO iMAGING/IJL15.dll
windows10-2004-x64
1nEO iMAGIN...71.dll
windows7-x64
3nEO iMAGIN...71.dll
windows10-2004-x64
3nEO iMAGIN...71.dll
windows7-x64
3nEO iMAGIN...71.dll
windows10-2004-x64
3nEO iMAGIN...nt.dll
windows7-x64
1nEO iMAGIN...nt.dll
windows10-2004-x64
1nEO iMAGIN...ce.dll
windows7-x64
1nEO iMAGIN...ce.dll
windows10-2004-x64
1nEO iMAGIN...st.dll
windows7-x64
3nEO iMAGIN...st.dll
windows10-2004-x64
3nEO iMAGING/atl71.dll
windows7-x64
1nEO iMAGING/atl71.dll
windows10-2004-x64
1nEO iMAGIN...mm.dll
windows7-x64
3nEO iMAGIN...mm.dll
windows10-2004-x64
1nEO iMAGIN...ap.dll
windows7-x64
3nEO iMAGIN...ap.dll
windows10-2004-x64
3nEO iMAGIN...NG.exe
windows7-x64
1nEO iMAGIN...NG.exe
windows10-2004-x64
1nEO iMAGIN...c.html
windows7-x64
1nEO iMAGIN...c.html
windows10-2004-x64
1nEO iMAGIN...s1.dll
windows7-x64
1nEO iMAGIN...s1.dll
windows10-2004-x64
1nEO iMAGIN...s2.dll
windows7-x64
1nEO iMAGIN...s2.dll
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
130s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
22-07-2024 23:56
Behavioral task
behavioral1
Sample
nEO iMAGING/BitMapRes.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral2
Sample
nEO iMAGING/BitMapRes.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
nEO iMAGING/DefaultPage/adError.htm
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral4
Sample
nEO iMAGING/DefaultPage/adError.htm
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
nEO iMAGING/DefaultPage/error.htm
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral6
Sample
nEO iMAGING/DefaultPage/error.htm
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
nEO iMAGING/IJL15.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral8
Sample
nEO iMAGING/IJL15.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
nEO iMAGING/MSVCP71.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral10
Sample
nEO iMAGING/MSVCP71.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
nEO iMAGING/MSVCR71.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral12
Sample
nEO iMAGING/MSVCR71.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
nEO iMAGING/NeoAgent.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral14
Sample
nEO iMAGING/NeoAgent.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
nEO iMAGING/Resource.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral16
Sample
nEO iMAGING/Resource.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
nEO iMAGING/SiteList.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral18
Sample
nEO iMAGING/SiteList.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
nEO iMAGING/atl71.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral20
Sample
nEO iMAGING/atl71.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
nEO iMAGING/borlndmm.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral22
Sample
nEO iMAGING/borlndmm.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
nEO iMAGING/easysnap.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral24
Sample
nEO iMAGING/easysnap.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
nEO iMAGING/nEOiMAGING.exe
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral26
Sample
nEO iMAGING/nEOiMAGING.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
nEO iMAGING/niIEMagic.html
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral28
Sample
nEO iMAGING/niIEMagic.html
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
nEO iMAGING/niUtils1.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral30
Sample
nEO iMAGING/niUtils1.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
nEO iMAGING/niUtils2.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral32
Sample
nEO iMAGING/niUtils2.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
General
-
Target
nEO iMAGING/niUtils2.dll
-
Size
312KB
-
MD5
f327a8e9d88bfa11e806faca0e17c7da
-
SHA1
883f5c2142380f9fa04bd4c418670fe71b8aee9e
-
SHA256
cf14ce795dd22236ebde91177cbe63639e07c3d23349d664349793022a6b6ee7
-
SHA512
062f01b6a9835bd764ea921fc3d94c7f8db82b335bd88ec3b10d0ba653052c892d32de1f743c6b061836674c5a5878b94254e30105956252197353142ba04ea2
-
SSDEEP
6144:UEdXJJcx19mjvUZ8Oviwj8Z/imVTR/4Z/m3Y6eAO7tq:bJcx19qva8OKwjG6ihHI6eG
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2120 wrote to memory of 1916 2120 rundll32.exe 31 PID 2120 wrote to memory of 1916 2120 rundll32.exe 31 PID 2120 wrote to memory of 1916 2120 rundll32.exe 31 PID 2120 wrote to memory of 1916 2120 rundll32.exe 31 PID 2120 wrote to memory of 1916 2120 rundll32.exe 31 PID 2120 wrote to memory of 1916 2120 rundll32.exe 31 PID 2120 wrote to memory of 1916 2120 rundll32.exe 31