Analysis

  • max time kernel
    150s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-06-2024 04:41

General

  • Target

    a2dd955e9f14500ae17e7476332e61a0_NeikiAnalytics.exe

  • Size

    44KB

  • MD5

    a2dd955e9f14500ae17e7476332e61a0

  • SHA1

    eb78da914282ccff3c8503d9ea6c833ede975525

  • SHA256

    02c08dca00a93be13c68b3dd0f769fa8abae118ed06627a1f4c459da0b8fa2c6

  • SHA512

    ed50f9a7393b86467404693d64f19acced1e677755ed7b001706a518827d54589ab154c0529feccefb482251a6841442c40a24b8487405728408701b93cedb97

  • SSDEEP

    384:GBt7Br5xjLMuLAgA71FbhvDl3DG71ul3DG71XUmUIYFt1zecDT1zecDu:W7BlpNLpARFbhblkYlkuvIYFWcDYcDu

Score
9/10

Malware Config

Signatures

  • Renames multiple (3564) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2dd955e9f14500ae17e7476332e61a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a2dd955e9f14500ae17e7476332e61a0_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:2192

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp
    Filesize

    45KB

    MD5

    58ea963d5f9110b843b0528d318db009

    SHA1

    96a39a706a39aca838237ceaebb75d14a4a7c08c

    SHA256

    1cc3bd6c41637e402c5d97d9eb6cb81924dced36965324323b0622fd94484d3b

    SHA512

    c23723c0a7c94fc6b01e59ff2247e899123516b280ae2fa1510262a46e01cbce6d72d51744dfeaa90df2872ac3635e900d678cdf3d64134d8c8931d2ae1653a7

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    53KB

    MD5

    a7b4e3e81008cf882b0689f83cb6822f

    SHA1

    b28d2eea55a81526df5c82927892fc8fa7305cd9

    SHA256

    248ad195eda200ffe02869fdcc381336caff6ebc271b74881156d289fa541c07

    SHA512

    ab00a7e8fc7bd51acd87f7f4c3d7997167674ba02cebb532c9ba1eaba7b1c0d795a87481afe5642926541bc719d7a74ea3df363abbf20e8115497d622b3b3654