Overview

overview

9

Static

static

3

6b17331186...cs.exe

windows7-x64

9

6b17331186...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-05-2024 11:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6b17331186a5cc3e08288eddb5b32e10_NeikiAnalytics.exe

  • Size

    87KB

  • MD5

    6b17331186a5cc3e08288eddb5b32e10

  • SHA1

    27579e13ef1682a0ee8a0d48bda017132044276e

  • SHA256

    0489ec0e9e7eea188ad51a32503cf5942dbf5bc3cd8e5c23c79e395644a80613

  • SHA512

    4cd2f87f5de14f10dbed0b89568e38626119715ce8c49afd1489cf383601b3c7f3ce282fef1cec0ecb3f26b1864ed7c80f3c38e68380ae393dc7c2790195eb7d

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/2v4FL:6e7WpMaxeb0CYJ97lEYNR73e+eKZ9FL

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5123) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b17331186a5cc3e08288eddb5b32e10_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\6b17331186a5cc3e08288eddb5b32e10_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3906287020-2915474608-1755617787-1000\desktop.ini.tmp
    Filesize

    87KB

    MD5

    61e9099b3f9481302b3fcd1e003e7398

    SHA1

    fd209fef647e7c9fbc49e9ad4c98c242440b6188

    SHA256

    61e3fabde7aba1d2d3cd078cca3879387252e21eb862b0657f4cd6590fadc0b0

    SHA512

    7b82b6694c4ba89ee40ce23d5a4169bc1195f30661866915a0e16912f6ce09a93bd2d32f8465f41d4f7d13f73e1cbe480eaca28692121bf78aa763c96fe6441a

    Download Submit

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    186KB

    MD5

    7b57557819cbe4715b3edfccc28964ae

    SHA1

    5adaa2a7e3531bfa660dd1359ef1067827080b7e

    SHA256

    078278eeabb764c17b2c61ce68aa8f659696be9d6fee78232264cf335eb7ce48

    SHA512

    5fc6a7f23e87aa108670c190fb958a9c4489aa85c237c8acd6613264895ff7d62bec5bd907f6b04b8a7079180be6172d6745497ca01cda8ca1cf6a82ed88166a

    Download Submit