Analysis

  • max time kernel
    150s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-06-2024 13:14

General

  • Target

    3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe

  • Size

    47KB

  • MD5

    3d53abd50b7f44f58cb1b40c619ca680

  • SHA1

    bf84989c9ac5afd9e774af68576f17e72e03deaf

  • SHA256

    9e2a86ecc9867ea28ba3021aa055daa56b93f1b82a3300bda03eb6e9b629623c

  • SHA512

    416fa9b1a17537bc8ade152d3fc35f13a00c6dd9a854804b325c828874879f7c3da63330442165a6eec0686f0abc3ca7fb2948c8a7ab645e3c04f30cd96c8d76

  • SSDEEP

    768:W7BlpppARFbhWJQiroRwOzQJfoRwOzQJl:W7ZppApHiu3K

Score
9/10

Malware Config

Signatures

  • Renames multiple (3758) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2116

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2812790648-3157963462-487717889-1000\desktop.ini.tmp

    Filesize

    48KB

    MD5

    80905c8a94db0e4605d2819ab207c368

    SHA1

    11c60dda08402a84f021dd8614d17e2fc0c3f2fc

    SHA256

    3d656eb7d23da02ea5cefa28da18f316329d649d81e2535863e02603f422c2cd

    SHA512

    a5585542af34b7282ecddff03d610cde0f0f2ad804064fe354e60311507bed5c5c20db256926999c4c9689c0b7812279076d0e97749ed5008c6153b995e377df

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

    Filesize

    57KB

    MD5

    355a8a244cbf6257da88b7030f260066

    SHA1

    1b17a1889194cd42dd334cc28bcd45b8d5ce00f6

    SHA256

    5b3a961e19a29bf544ca0be109d325a9b6847207b5cfd9f2d1d12ad2a0ebfeb7

    SHA512

    b70b4636944dda972de6544f13c08ca4003d046ac011701fd4d845783f9443593fc1800e21cfa3abcb59dcfe2d09e523c53578306a2d476f0f60931a680164c5