Analysis

  • max time kernel
    150s
  • max time network
    53s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-06-2024 13:14

General

  • Target

    3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe

  • Size

    47KB

  • MD5

    3d53abd50b7f44f58cb1b40c619ca680

  • SHA1

    bf84989c9ac5afd9e774af68576f17e72e03deaf

  • SHA256

    9e2a86ecc9867ea28ba3021aa055daa56b93f1b82a3300bda03eb6e9b629623c

  • SHA512

    416fa9b1a17537bc8ade152d3fc35f13a00c6dd9a854804b325c828874879f7c3da63330442165a6eec0686f0abc3ca7fb2948c8a7ab645e3c04f30cd96c8d76

  • SSDEEP

    768:W7BlpppARFbhWJQiroRwOzQJfoRwOzQJl:W7ZppApHiu3K

Score
9/10

Malware Config

Signatures

  • Renames multiple (5350) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:4364

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-4124900551-4068476067-3491212533-1000\desktop.ini.tmp

    Filesize

    48KB

    MD5

    d2f7041dc1e6910dcac17fa10a99e9a0

    SHA1

    d0781ea6502b7fdfce128fbfa5cc7a8aee2b6980

    SHA256

    321536dc0eb164512b3df17f2db1e9941fc78de32d30dd86be2b0100babd1d6b

    SHA512

    8414b047a074d7e67ceb810c5a23790bd441b17264c5153069585e414c7b546cb41306fd076f8223eff9b9d0c40e014e9a5540925a918321a48f514f5c33f358

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    147KB

    MD5

    8cc50377945a03992ce437b46f1e6316

    SHA1

    713e6a503744cfa94a7507e84c6ffa7af4e73ab2

    SHA256

    120bee5bf83ef7a82a7e665c0590a7b38af8e30c84db5c85a118277b98b6252d

    SHA512

    107b79d14dd657d51a11a7b0f585cf18b8623f7a6566d0ef0abb3c572eba07da2f15ae6abf88445001885d0e898fcd85977a7b79da0ee93016bb2100e25796fe