Analysis

  • max time kernel
    141s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-05-2024 06:04

General

  • Target

    35a5d251eea819e5bc7a9a01470e3360_NeikiAnalytics.exe

  • Size

    724KB

  • MD5

    35a5d251eea819e5bc7a9a01470e3360

  • SHA1

    838b96af235e0866e2e76b92a2b52c790228222f

  • SHA256

    ff48c191596335b546ef247c808b2badd6260780662e68293e10975ae8d094df

  • SHA512

    a073abb83825bead15b1087ddf5a3f92caa760a7ef767c4449f822047d7c27cadd62c4f626d110f0816222f8c39f45258d9b64ea9ce172863b055971b9d2b09a

  • SSDEEP

    12288:7B6jfu9W5qVnpA1P9mTx87m7HGA04OBGaSuQalOZeW0dZJBX+pd167QhEQJ:167MnVnpA1lmTx8MmA07AaSuDSwd/BE1

Score
10/10

Malware Config

Signatures

  • FakeAV, RogueAntivirus

    FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

  • FakeAV payload (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\35a5d251eea819e5bc7a9a01470e3360_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\35a5d251eea819e5bc7a9a01470e3360_NeikiAnalytics.exe"
      PID:2648

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2648-0-0x0000000000100000-0x0000000000101000-memory.dmp
      Filesize

      4KB

    • memory/2648-1-0x0000000000400000-0x00000000004C1000-memory.dmp
      Filesize

      772KB

    • memory/2648-3-0x0000000000100000-0x0000000000101000-memory.dmp
      Filesize

      4KB