Overview

overview

9

Static

static

3

3981090169...cs.exe

windows7-x64

9

3981090169...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    106s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 20:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3981090169b63eb42cc83c04b179cf90_NeikiAnalytics.exe

  • Size

    83KB

  • MD5

    3981090169b63eb42cc83c04b179cf90

  • SHA1

    4920c4f2c00befc2d5cd75aecc04339a36904df7

  • SHA256

    3c88b52eccccfbb5ada039afa6f74a2350053ceef5db9852e99b38c03f3d58ef

  • SHA512

    a5a7e06d53140ca8a40f5635c1672ada9bbe350e524157e46aff7adb0deef4f57b284655dd5840f2c3f39c638237989acf8f441770f324637436dd4550ead304

  • SSDEEP

    1536:W7ZDpApYbWjnWf05PG0PG26f0J0aT75T7J:6DWpDWYPxPMCj

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5000) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3981090169b63eb42cc83c04b179cf90_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3981090169b63eb42cc83c04b179cf90_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-1162180587-977231257-2194346871-1000\desktop.ini.tmp
    Filesize

    84KB

    MD5

    da30fcb3f4a26a94b38fa1826103e3a4

    SHA1

    b7a1317ee32435ec76e935bc2addc2fbcbbde3e7

    SHA256

    f3dddd72c29b6faba843d38809dc394a6e81d8fdc5ab9bb71a81c1db5a579aa8

    SHA512

    b744ff8db3de79a03a22064342004bac82d94010444708f87717d2d3b9d1553070e19da003e4b2691b9b2d129c9c1771c8735776a5bbf68975953defcb98bda4

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    182KB

    MD5

    23392cb2703b233105a50c0daac7643d

    SHA1

    2ac6ef3fbee8472c70fc8ad02d21281e51f1ba11

    SHA256

    53fba655c3d72ee35b15b6589008e028e964b76dd9e0facf431058a32da1742b

    SHA512

    1feeeea424a9475f587d5a087c93837237369696214171841c257ea29bf4e8138df04647abee6c729a74728e398fc5d88901f53dbe85a9d870951dadde818979

    Download Submit