Overview

overview

9

Static

static

3

818d91d791...cs.exe

windows7-x64

9

818d91d791...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-06-2024 04:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    818d91d791ed3dac2ab09784234304e5b2757ef10e07d87647843855a4175f41_NeikiAnalytics.exe

  • Size

    98KB

  • MD5

    661eb4bacea3fb0877e2f67be19699d0

  • SHA1

    bd0e7245e20c5671a06fae24ac337f0e76efa03a

  • SHA256

    818d91d791ed3dac2ab09784234304e5b2757ef10e07d87647843855a4175f41

  • SHA512

    e20d1d45281f08451359106bbf99291dc638e528328057ce0e97b2574a2304d073a07c028c1427d79f5515323ee2248d40ec9d223facf135523157428ab046b9

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBP:PqFF2Ie+eFk

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4846) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\818d91d791ed3dac2ab09784234304e5b2757ef10e07d87647843855a4175f41_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\818d91d791ed3dac2ab09784234304e5b2757ef10e07d87647843855a4175f41_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4600
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4432,i,6522675234395427298,2952738987384583032,262144 --variations-seed-version --mojo-platform-channel-handle=1308 /prefetch:8
    1⤵
      PID:464

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\$Recycle.Bin\S-1-5-21-3665033694-1447845302-680750983-1000\desktop.ini.tmp
      Filesize

      98KB

      MD5

      67663c2a73e2e9234020df9f12c8d74c

      SHA1

      8e55b61b89079321d2ed2176fbd5eff7fee69c08

      SHA256

      0b644e09ce995827879e4a71d1709e96ddb0bdc75cda1ab80740dc65f9c2837e

      SHA512

      2224d6e062dc929e0478da7311cbf135c9c5d30b385649374f5899b0a0370271f2361029daa7764c0fc29f083a5d454a9323e8187e6c62df81d8ede7444e587f

      Download Submit

    • C:\Program Files\7-Zip\7-zip.chm.exe
      Filesize

      210KB

      MD5

      82082566754697f9d07659020ac7244d

      SHA1

      99da6667c8eca8f0f748b18ad07bdc1844a4c255

      SHA256

      63fe4379a722bf46fb22396183eca1886fc33b4dded4dd4f718abeef3a13420f

      SHA512

      8a7c8ded9643adaf2c572bac71ed9ad5d82144525479b6025abc0700cf010c0507c0676f2a38d6725bba788df89fae02d13cb483967d8b02271a6aec22bcc118

      Download Submit