Overview

overview

9

Static

static

3

18b54ef2d3...cs.exe

windows7-x64

9

18b54ef2d3...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-05-2024 20:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    18b54ef2d38949827b32b5bb55df0910_NeikiAnalytics.exe

  • Size

    85KB

  • MD5

    18b54ef2d38949827b32b5bb55df0910

  • SHA1

    59e75b8d871f54948f50f9391c2334e97d474068

  • SHA256

    1c4d2eefd9e1a550cf5fb1fc5608fae4842bf8df580b1b328ccf5f9ad054c4dd

  • SHA512

    62b3ba2aab5e3179cecd385e66062fb50674ce5891a4c15d40057232b8b75ade15f5eff3ecc051a8f33f8613c3eb5bbeab7a62998f05e33853e80bb9057594e3

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/0VXau:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXr

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5008) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\18b54ef2d38949827b32b5bb55df0910_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\18b54ef2d38949827b32b5bb55df0910_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-4124900551-4068476067-3491212533-1000\desktop.ini.tmp
    Filesize

    85KB

    MD5

    efc33dc913a3ee8c99e999a57d0adfc3

    SHA1

    248bd48c47b485894018ca56150a973e33d20cf1

    SHA256

    4d3d4e077d8c0e01cf117e918882e3548e435041d978ee0897d9ce29a85c1fe8

    SHA512

    a3e06b99709d39a5815f85088d22b54a0fe4f253711d17fc653525c74d7c0faf718bb08ff9db09b801a084904df2fdcd1a44b5c27ea0e698bf5a9d7a63b6c3b5

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    184KB

    MD5

    fff0a22a0bbd3d1e3d657ee91f5642c3

    SHA1

    8dd2860cae56bacbeb77be2d9a6fc36c3cad39b8

    SHA256

    ae4d32a2c77bce334ab7d0ac970552318383e60e48cd6de045ec0231f03be3cc

    SHA512

    87129fed730726611f44207227cadd3651428f2c5e339a2ba0c26fa57ebdbcdae73959fd56751f439733b0ddc64f9b5476c811cbd3257d89f730b1a9e0e403f3

    Download Submit