Analysis

  • max time kernel
    129s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    08/06/2024, 04:04

General

  • Target

    8a4d625be3d4b41c273cf291a09203a0_NeikiAnalytics.exe

  • Size

    80KB

  • MD5

    8a4d625be3d4b41c273cf291a09203a0

  • SHA1

    4e1c31f8558921210c48008e11206c9784120760

  • SHA256

    39ee7127322c5ad2a3fc5d8ec2ca7345ec3eee6b73625ba69dd3c354a1797a2f

  • SHA512

    e9523cd943a1d7b668a240d2260df3d57aee594f4fe4e779f24131025710e334a5587fbc0d5bb2911d92228fbd5191038101ec62a37047aa04ffbbada3429bca

  • SSDEEP

    1536:W7ZDpApYbWjIlE77ufL2e+efZwZQ/8S/86:6DWpwE7oL2e+efZwZ08i86

Score
9/10

Malware Config

Signatures

  • Renames multiple (4744) files with added filename extension

    This suggests ransomware activity, i.e. encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\8a4d625be3d4b41c273cf291a09203a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\8a4d625be3d4b41c273cf291a09203a0_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:1856

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-1337824034-2731376981-3755436523-1000\desktop.ini.tmp

          Filesize

          80KB

          MD5

          092e4c817943cf4b56a6b2df0ca884e7

          SHA1

          fa8384b2db330f038623ce4f47fb5bd28522fcaa

          SHA256

          ed1a6a65b37d222190e6b6ef863b95df4e76e2705cd960266a678fe2b4b1af68

          SHA512

          96b56b34b24380b2ce2c4274136ceece3560c7f74d61a4e8b8bcb0fba10e5b8e18e7f8472b647904bae571a7afc4fb05553ab875ab633099087fbef455b647a5

        • C:\Program Files\7-Zip\7-zip.dll.tmp

          Filesize

          179KB

          MD5

          5c1bfdc53ec9833975a11a9398517019

          SHA1

          f6038fa3672f2018ef2124d6edb551b6ca11d9cc

          SHA256

          717a85d6facd867712cb96a66e2b9dfb619abb9fd3dcda16f9f36098aaeb9440

          SHA512

          a166be15c8e1c636474c3eb02d1bb04c421538365c5da93aeca9b586d27ffc97bce1f331acbe855dc8ad703aefb05d5cd44cae0c40ebabbae76cddb39ecd38b0