Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted: 22-05-2024 20:40
Static task: static1
Behavioral task: behavioral1
Sample: 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
Size: 33KB
MD5: 36728335a16abb686286209d22f1e830
SHA1: 620713436ad494a9ae714fe28fbc423fee675696
SHA256: 6edc5a04300f184fc72a76ab15df066974deda83c1e6ca28bd833a0639188205
SHA512: 7755e5c2e21597d86a3d33f81f2b3ffa957c0598829614dc53cbebb5abe16b5f58e2e6066fa5fdb6b25a4e959cb24d6ce7dd82e8353bd89d62d8f4fd06c171c1
SSDEEP: 384:l6K154FssYzlZFAJFr4Y4EaI3SBMOj+tadAYWueAY0VKFUFHQSUbkb4M08tMnwCt:VM5WactTYjcQ3bkbDunwPxTz0YKck
Malware Config
Signatures
Drops desktop.ini file(s) 2 IoCs
Processes: 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
description | ioc | process
File opened for modification | C:\$RECYCLE.BIN\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini | 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
File opened for modification | F:\$RECYCLE.BIN\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini | 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
Enumerates connected drives 3 TTPs 1 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
Processes: 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
description | ioc | process
File opened (read-only) | \??\F: | 36728335a16abb686286209d22f1e830_NeikiAnalytics.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
F:\$RECYCLE.BIN\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini
Filesize: 129B
MD5: a526b9e7c716b3489d8cc062fbce4005
SHA1: 2df502a944ff721241be20a9e449d2acd07e0312
SHA256: e1b9ce9b57957b1a0607a72a057d6b7a9b34ea60f3f8aa8f38a3af979bd23066
SHA512: d83d4c656c96c3d1809ad06ce78fa09a77781461c99109e4b81d1a186fc533a7e72d65a4cb7edf689eeccda8f687a13d3276f1111a1e72f7c3cd92a49bce0f88