Analysis

  • max time kernel
    152s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/06/2024, 03:22

General

  • Target

    8b96ef5abac43844402d47123d326e50_NeikiAnalytics.exe

  • Size

    90KB

  • MD5

    8b96ef5abac43844402d47123d326e50

  • SHA1

    ee42dfe867033dfb01de03e9d756f4fea74295fd

  • SHA256

    3992598660ef13e7ad13c00b9d610e49a263a4301c5f1822cd81151ace290f83

  • SHA512

    49504c9420ea70266109d5689059549277ae445f2f4dce7ba24230a1ed4ce0e70b190b91f45bd32479b59a6138fec26cfb99ce34f4ea7859762e24ecea6a3e83

  • SSDEEP

    1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPN0Uo:6rWpcOPxPke+e3fFpsJOfFpsJbgEE

Score
9/10

Malware Config

Signatures

  • Renames multiple (1367) files with added filename extension

    This suggests ransomware activity: the sample encrypts files across the system and appends a new extension to each.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b96ef5abac43844402d47123d326e50_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\8b96ef5abac43844402d47123d326e50_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:4480
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4012 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
    PID:1828

Network

MITRE ATT&CK Matrix

Downloads

    • C:\$Recycle.Bin\S-1-5-21-3808065738-1666277613-1125846146-1000\desktop.ini.tmp

      Filesize

      90KB

      MD5

      c268273a496efa19fda411400fcc7302

      SHA1

      809d85f8d8117cd04382145050d1c00788bb0335

      SHA256

      f33e14f01a40ca80b05aa976cc6fc6541253ae33db0ad87efba1f9a375c10575

      SHA512

      7a313b2546e600606b51b2c28ce3ac28d54119532f448f3d0360da17efb35ea7e1f70b5789585c4e03e4e8f9f9b3d955f76fa79646c61a7194da52ca5ac15417

    • C:\libsmartscreen.dll.tmp

      Filesize

      90KB

      MD5

      2a1285f2e5fa2808955bc88ba7bcd1ce

      SHA1

      f98e7a8ebb306c16bbf65ae4e9e972456956298a

      SHA256

      83445771e30c9a0ea919080548a0cd46a17dd20f24a1ea4a00106d1c1af702b5

      SHA512

      af92cf67a41bbe1faf277596734dda78657c382df786a1c9c9d7edee4375dca13fe81d9b5c48111c160b94d78ef3abaade5b5e980e20e0bcb879bdf188fb6d36