Overview

overview

9

Static

static

3

813ebde304...cs.exe

windows7-x64

9

813ebde304...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    154s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 03:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    813ebde304c11ea296a66ea152a562a0_NeikiAnalytics.exe

  • Size

    82KB

  • MD5

    813ebde304c11ea296a66ea152a562a0

  • SHA1

    93c813a28c80e62aab7b68cafad027e8f00c3a91

  • SHA256

    55be583882664e7fc99a582e9af1d385151a28efe628492df125af16b6f884d8

  • SHA512

    bebee714cb9b5e66da33c63018ebf841efce7c22bae2580a82637ef42f0d52cadbb3cd13513c4a5484a4b053f1b9320df4c777320aa049aff31628aba5e4d179

  • SSDEEP

    192:tACUADIY0Br5xjL/FAgAQmP1oynLb22v29HWvHWY7GG7GljAO9iOghZ3yAO9iOg/:GBt7Br5xjL9AgA71FbhvoBlcQ4NQ4/

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (1281) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\813ebde304c11ea296a66ea152a562a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\813ebde304c11ea296a66ea152a562a0_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2104
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1312 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:412

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\$Recycle.Bin\S-1-5-21-3808065738-1666277613-1125846146-1000\desktop.ini.tmp
      Filesize

      83KB

      MD5

      2507aa0e2a84519f74a72fc867da3006

      SHA1

      d6460065f4a912ab028fa214d90aa5dd67c10b75

      SHA256

      591226d2841eb3c1becf0c248604dfd281308a40108a2ca2970f9fdf36ae2065

      SHA512

      057e39ef35df8734a5329cc8fbcba30ac820dd8f59890e8f21079fb245e59ad055acabdd061ac04a298d691b9942fe4cd326518a136608b83d70bdee5b4876d3

      Download Submit

    • C:\libsmartscreen.dll.tmp
      Filesize

      82KB

      MD5

      75eedf329bb6f355a2db22ca71092b68

      SHA1

      478f07557995623e6df6005e3b51fcd4c5247336

      SHA256

      d3b515b603cc25c8e746fd2a3524f3c113db31aebbd0c5275a99dfa54e8fad72

      SHA512

      809562b43aa7e54c2be038e32c5f20f416b684aa88196068bab58aab3a36e34d2442c9f63353cb53375a88d48d30a403739c209800281fead3c2190de7735404

      Download Submit