Analysis

  • max time kernel
    148s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-06-2024 04:56

General

  • Target

    a40976b5441acb9163e177b462d75b10_NeikiAnalytics.exe

  • Size

    44KB

  • MD5

    a40976b5441acb9163e177b462d75b10

  • SHA1

    f88f9b104c4688a1fdb60e85148635e82eb47e2d

  • SHA256

    4d5077fab12be489d18ffe985356420a95f1d7b1727a9d732df048f76360ace4

  • SHA512

    7e1bf083cf43685665755b32cbca1bb7ec7fb5f16ed4ae57227794c68db9ff7ec4b90d66745a3eae0e32dcfb5015b638dbc65ffb216193d5d8b2bf9205379517

  • SSDEEP

    384:GBt7Br5xjLMuLAgA71FbhvDl3DG71ul3DG71XUmUIYFt1zecDT1zecDy:W7BlpNLpARFbhblkYlkuvIYFWcDYcDy

Score
9/10

Malware Config

Signatures

  • Renames multiple (1023) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a40976b5441acb9163e177b462d75b10_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a40976b5441acb9163e177b462d75b10_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2984

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-39690363-730359138-1046745555-1000\desktop.ini.tmp
    Filesize

    45KB

    MD5

    e99a3587b10a473139fa0ec71bd589fb

    SHA1

    79991d53e4bc5c839450361b6736ff918b96156a

    SHA256

    9d2efa0d89a09a18fb50f7a08369d5527f954740d91106812203aa50d04adc18

    SHA512

    cd6bc0ece3258cc1d9dcf2fdee5814fbf38ffb6eb8d37735d617d84aeabc4cf0c6a8489bb176a1ca2a582b262bbf1736924d3d9846b96792939e3bc16d50b340

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    53KB

    MD5

    59cf36e9fa0fc865713653cf65ac6216

    SHA1

    37d59a56f352b1eb457ae6bf73cbf491ba89134a

    SHA256

    27ee2f31933efc97b0539d05be810de61431b5087e9111ebe1a2f1c0e49a5a8b

    SHA512

    e07e51aeac7181bb8df65e5737368b0fae1e3787f18ee975e6da0502a0eb272ed3c58fd764968f15e76bb250a5e3d24b1c0efec1ceebf42166428c153fded44a