Analysis

  • max time kernel
    149s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    12-06-2024 12:18

General

  • Target

    39d60a42b89b07b7b240f8e1888da680_NeikiAnalytics.exe

  • Size

    316KB

  • MD5

    39d60a42b89b07b7b240f8e1888da680

  • SHA1

    a8c1858e89a40264f051458256fe12fb8f8cc827

  • SHA256

    9858b969a16faf308aea54fc411c52a9e4dfed285a3e6f9300cb23e7bd6fec19

  • SHA512

    e9eab67608172d16acb02c8531d183e58eda661762cd717b8b676446a3f86109c757281ab7e977b6e777b301624850df084e51631fb3bbffb51adab044464d59

  • SSDEEP

    6144:tFPxPke+eIr9RUxfKIuqBcKxNWdp+bkrdHs1lpaSL4vt7:3PxPir9RyiIuGcKbpaSL4vt7

Score
9/10

Malware Config

Signatures

  • Renames multiple (2811) files with added filename extension

    This suggests ransomware activity that encrypts all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\39d60a42b89b07b7b240f8e1888da680_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\39d60a42b89b07b7b240f8e1888da680_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:2148

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-1340930862-1405011213-2821322012-1000\desktop.ini.tmp

    Filesize

    317KB

    MD5

    391bf1813bf7795780ebb4171a5b8d79

    SHA1

    015f4bb8e9dc5397ebdbcb3fea84b06252792ff8

    SHA256

    08392a14e1a798e1664b5fdc3b09c69dc06942bd3e9aba9893b9006b819380fa

    SHA512

    be85d84f6cac2a255116b422d7fd3b7bffa449fb2c1ba038f6786146745c7c064f1820b356553c9424ab4a82747f3d9a9cdc7684e71b365420e42dc0a7dc443a

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

    Filesize

    326KB

    MD5

    589cbc87235e65d1643cfdaab080a0f6

    SHA1

    17948470441d9427833cf0cff56ed83f4e26dbf1

    SHA256

    28f67dfe993fcc45e3799fb875052d4329d3bfec8443ef879789ddc638de7bf8

    SHA512

    efe766954a6f9a5d911d257c4b38bb35ddfccfab1763e1b6ce3b14e032d1e186155822adf7b90a570f810e0fb1f19c85f555e8c85c76ed90f4f1c92b26c2acc1