Analysis

  • max time kernel
    150s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-06-2024 12:56

General

  • Target

    3c20a98584d3643532cf4f67d9a68d00_NeikiAnalytics.exe

  • Size

    88KB

  • MD5

    3c20a98584d3643532cf4f67d9a68d00

  • SHA1

    1cd9430360aa9153dac2892eb135bb45c7f4ea27

  • SHA256

    edf1270237e127d44b318d9fdaa36b30ef0b614f3f17b9d7f8aed1bd12d33800

  • SHA512

    c97421949cc712e1ff665386a9421302e35ad6a13ba8e028a2a5cbd53f38ed127ad3c6b92dec5e8523de3e12bcbdc0710a6ae9a233a5d1844c9b12331cf625b9

  • SSDEEP

    1536:W7ZDpApYbWjIlE77ufL2e+efZwZQ/8S/80PqP2:6DWpwE7oL2e+efZwZ08i8o

Score
9/10

Malware Config

Signatures

  • Renames multiple (3591) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c20a98584d3643532cf4f67d9a68d00_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3c20a98584d3643532cf4f67d9a68d00_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:1936

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

    Filesize

    88KB

    MD5

    1b6356e3a3f9a53fdac454e0b58a7cb7

    SHA1

    09380a8f337e4a40e46aef696b70ccf024da2de2

    SHA256

    97bcf8cab7f4afb753203a61071eae929adcd21a11874c79727ac545762fb18f

    SHA512

    3f0d72a42202d6e1d07999acfb405278ad8a921194c3bb0dee6bfeb5b9708ec84deabee29163c3b82dc8171da8e0a05c6fae1119a0034a00c6969daca5b63aed

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

    Filesize

    97KB

    MD5

    77a74cefb7aba12d2aa1b47d4b83bccf

    SHA1

    b019236b007e3a1dc643a6840aab1eb93f195bb8

    SHA256

    a737a8c20cf8e0021e9149cccdaddcb22707bea58e67d5301b536248dc83d7c9

    SHA512

    c23d2c14e24ead7cf3824395d1554617bfa975ff9145d7f7d74186181d94aca0d3682e244a901221a55d99572310d3fe21d2076920f2efdf05bd8e36c6d150e9