98d75ab9e5f8f973a2a8bab1d92b7c3a6d13d636a98604477becb508c4f24973

Analysis

max time kernel
119s
max time network
126s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
28-06-2024 12:56

Target

98d75ab9e5f8f973a2a8bab1d92b7c3a6d13d636a98604477becb508c4f24973_NeikiAnalytics.exe
Size

664KB
MD5

77ff81088439d0348a5280ee462b26f0
SHA1

b62de756198239959739e3805ea443a0770f1f16
SHA256

98d75ab9e5f8f973a2a8bab1d92b7c3a6d13d636a98604477becb508c4f24973
SHA512

b0d06d7dcda2cc2f02d727cebfa3bfee1d78fc7afdf7c8e58d3a041f63a4e1c9b7f93d10e5ee54804ebde16889650d71a5d9fb1577b6e592e2b925440488c7b9
SSDEEP

12288:O2ZRx20xfdFMjzcJgGagn1MBHsBYKbx11ZhgpXPrYw75/choKFK6O3C9ljU:RbDLMj8gwn1MBM9bx1mNrYw7JchXFyIl

Score

7^/10

VMProtect packed file 3 IoCs

Detects executables packed with VMProtect commercial packer.

Processes:

resource	yara_rule
behavioral1/memory/2216-0-0x00000000009C0000-0x0000000000BC5000-memory.dmp	vmprotect
behavioral1/memory/2216-2-0x00000000009C0000-0x0000000000BC5000-memory.dmp	vmprotect
behavioral1/memory/2216-5-0x00000000009C0000-0x0000000000BC5000-memory.dmp	vmprotect

C:\Users\Admin\AppData\Local\Temp\98d75ab9e5f8f973a2a8bab1d92b7c3a6d13d636a98604477becb508c4f24973_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\98d75ab9e5f8f973a2a8bab1d92b7c3a6d13d636a98604477becb508c4f24973_NeikiAnalytics.exe"
1⤵
PID:2216

memory/2216-0-0x00000000009C0000-0x0000000000BC5000-memory.dmp

Filesize
2.0MB

Download
memory/2216-2-0x00000000009C0000-0x0000000000BC5000-memory.dmp

Filesize
2.0MB

Download
memory/2216-5-0x00000000009C0000-0x0000000000BC5000-memory.dmp

Filesize
2.0MB

Download