Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14-06-2024 04:07

General

  • Target
    a10caa57e8e334803b2383aed6749070_NeikiAnalytics.exe
  • Size
    70KB
  • MD5
    a10caa57e8e334803b2383aed6749070
  • SHA1
    4da37659ccddc0e3f77b2aa1e60074ca1cd217d5
  • SHA256
    0d0e9ae4c6cf81e07f9e57fcc8410e1e3ae2cf172d45aabdec6a4525747aa4a9
  • SHA512
    90ff9db6a0b4b3df5e8330e297ffa2f90de2c3ef06489703e4c8494a2d220dc8c20422ffbfac5e558a6e701d5dc51136282f7ba0f5af4002866f2d43de6b0f6b
  • SSDEEP
    1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhl:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsw

Score
9/10

Malware Config

Signatures

  • Renames multiple (4867) files with added filename extension
    This suggests ransomware activity of encrypting all the files on the system.
  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a10caa57e8e334803b2383aed6749070_NeikiAnalytics.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\a10caa57e8e334803b2383aed6749070_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID: 4436

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2447855248-390457009-3660902674-1000\desktop.ini.tmp
    Filesize: 70KB
    MD5: d5ccb522d9e8342831bfe6ff89ada965
    SHA1: bd43745016b41171a994823b6e4993c6a3725333
    SHA256: 08519ecc288a44ac443f53c14947393eb66c15bed90468ea72d7fda0842b1c42
    SHA512: 2c0f04c1bd93f86cc777fcb82999ec4ddc393cfe898555ce5126553058269d1adb2e7728136bf694258e9ce139e5a74bdedc4236f6581a84eb49b5a4aaa7e2ee

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize: 169KB
    MD5: 9fe40a7343c82754efb73f49e55134d6
    SHA1: 7abf25e681bae16113ffe0b4b90442b8981bad45
    SHA256: 33ca879adb2cdd7fe76ea05a725b7087faab7410a71eaf3541b962e90a9f2df9
    SHA512: 23135890271d16cdae5b4457c8e9fef61015c2a17fb26f5104e328d23f8cb2bc005675204a2df6326b733e54e5b639c53c0880431ab9a0a8807c36424e0f5ceb