Analysis

  • max time kernel
    149s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-06-2024 11:53

General

  • Target

    3860af987b6af9ccc546516ad39313f0_NeikiAnalytics.exe

  • Size

    46KB

  • MD5

    3860af987b6af9ccc546516ad39313f0

  • SHA1

    6813aac990c4779eefbd944f99427755bde6d135

  • SHA256

    db430c57d7285cf7f39b4246b47f385e565b5f94859bde11c2ab30ec31b1fcbf

  • SHA512

    cdbce4772d03d81307855f60dd26a8df949d97924450245967b2324d87f1d6d214e230f87038d375f54a8b69bff095cd373c69443ce2e0c055a34b443f9a933b

  • SSDEEP

    384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrxxbNgbNj:W7BlpppARFbhWJQix

Score
9/10

Signatures

  • Renames multiple (5191) files with added filename extension

    This suggests ransomware activity: encryption of all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3860af987b6af9ccc546516ad39313f0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3860af987b6af9ccc546516ad39313f0_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:4476

Downloads

  • C:\$Recycle.Bin\S-1-5-21-200405930-3877336739-3533750831-1000\desktop.ini.tmp

    Filesize

    46KB

    MD5

    1482071453433bc1121a65883d47e8ec

    SHA1

    7fb0c329560092320d525287d72decb0895e2d96

    SHA256

    1fd0a05b3c985c707fefc45ef21982f05b45773037ca5cc9e5f1663ec02d301e

    SHA512

    3a339875a8c4ffecc0ce92001c97c30b01ad88edc458fd6b2f040f5b73f48124ff5a5faa42e65ab8a750f175187fe34a7266bfacc8bb5b514965b3aa8811e46c

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    145KB

    MD5

    9b6646422a5cb77d070e244e94abc4fd

    SHA1

    01451684165defd369bc01926c2f15ad7b44b1d8

    SHA256

    5d2b388bef0145dc655818b52220e5fc6856c4fda17d96e4332ce98810914596

    SHA512

    b599291beb5f6ef0a62d97b318e3da77c1fe9a1e53c5c5749b2e6a8d02f2a600e4a43ce88c915cbc580788d55eddb62dbba1187e6801a34434be88ba5f627b9c