Analysis
-
max time kernel
147s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
01-07-2024 06:53
Static task
static1
Behavioral task
behavioral1
Sample
3d835a8259b8bd53f8db1813396ea04406d92e543a44146fb6e738c4b4400a9d_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
3d835a8259b8bd53f8db1813396ea04406d92e543a44146fb6e738c4b4400a9d_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
3d835a8259b8bd53f8db1813396ea04406d92e543a44146fb6e738c4b4400a9d_NeikiAnalytics.exe
-
Size
10KB
-
MD5
66b238fde6288a0d080b19914a530720
-
SHA1
fdf0497777a34442e6f7be54d717f32ed74ba679
-
SHA256
3d835a8259b8bd53f8db1813396ea04406d92e543a44146fb6e738c4b4400a9d
-
SHA512
39405c8b4b081d2782e6241e421c8759aaf4c224acf62577e98d8acf736ab5e701388c4c912684c76aa6eeeaaee6f275926e17bcf964792df611561a58d847ca
-
SSDEEP
96:dwk8dCBjttW4/w14lyiEfULRtWjkPCJ8KawCxSCrmZYqvfucfSevzjD5g5vVE5vv:dwxCtttz/W4lyiEfUHkB8nwCxQDqzu5
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
3d835a8259b8bd53f8db1813396ea04406d92e543a44146fb6e738c4b4400a9d_NeikiAnalytics.exedescription pid process Token: SeDebugPrivilege 4868 3d835a8259b8bd53f8db1813396ea04406d92e543a44146fb6e738c4b4400a9d_NeikiAnalytics.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4868-0-0x000000007465E000-0x000000007465F000-memory.dmpFilesize
4KB
-
memory/4868-1-0x0000000000740000-0x0000000000748000-memory.dmpFilesize
32KB
-
memory/4868-2-0x0000000074650000-0x0000000074E00000-memory.dmpFilesize
7.7MB
-
memory/4868-3-0x0000000074650000-0x0000000074E00000-memory.dmpFilesize
7.7MB