Analysis

  • max time kernel
    150s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    17-06-2024 07:19

General

  • Target

    60e533b160c4c0a9c6312314b64ea530_NeikiAnalytics.exe

  • Size

    83KB

  • MD5

    60e533b160c4c0a9c6312314b64ea530

  • SHA1

    2dd59eb787106b7285c5532df115d3abc437dbf1

  • SHA256

    f1ffabcebdb71426459ea36a4e3c5cedeea2e8a628281b8af4c10422366baa29

  • SHA512

    abb67691996d2d2a359effb09db32d432ee2afe1eeda5fa4212b9ecfef2389b37309da5f9903961b580de23ebb5d234144351bb62daaf753f2ab4de081e00526

  • SSDEEP

    1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhR:6pWpUFpEhLfyBtPf50FWkFpPDze/qFs0

Score
9/10

Signatures

  • Renames multiple (4893) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\60e533b160c4c0a9c6312314b64ea530_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\60e533b160c4c0a9c6312314b64ea530_NeikiAnalytics.exe"
    • Drops file in Program Files directory
    PID:3416

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2080292272-204036150-2159171770-1000\desktop.ini.tmp

    Filesize

    83KB

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    182KB
