Overview

overview

9

Static

static

3

87b8321281...cs.exe

windows7-x64

9

87b8321281...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-06-2024 08:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    87b8321281b2931353761a0294e1eaacf19628e5b9e2f789cca28aa313e4ff9b_NeikiAnalytics.exe

  • Size

    57KB

  • MD5

    b879558d5a76f29590bd315cbe970d90

  • SHA1

    261bdb9fe16ef79dd6815d2e4d386fb96d4c0cc3

  • SHA256

    87b8321281b2931353761a0294e1eaacf19628e5b9e2f789cca28aa313e4ff9b

  • SHA512

    2888517e7cd88f69626247409dbc0bc02819a83a49f8efb960cc99e9df8a412cd036b029b602117354714350dd120bbc2e098f5cce6401dca9842e691b7301ab

  • SSDEEP

    768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcC+3mC+3meDfNJ+:/7ZQpApze+eJfFpsJOfFpsJ5D+

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5221) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\87b8321281b2931353761a0294e1eaacf19628e5b9e2f789cca28aa313e4ff9b_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\87b8321281b2931353761a0294e1eaacf19628e5b9e2f789cca28aa313e4ff9b_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-4204450073-1267028356-951339405-1000\desktop.ini.tmp
    Filesize

    57KB

    MD5

    bce8b775cd0e6eca12debddc0b57a587

    SHA1

    e96c49da0c68209887969d5b8cb932bc20268e6d

    SHA256

    b9cf6bed13ec09bfcf755bfabf4539fe78c7c446f1c901e151a6526427a70041

    SHA512

    ac3c9800d4e52e6cda613a20c3adb172dba6d1614f2191be210210c28208af934b75ea7981533623376f7cbdd16523e1bf0e9886ae03ae602966cfd79a353b2b

    Download Submit

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    156KB

    MD5

    af6bc01e779ce232ea6006474cca9ff1

    SHA1

    be6d55a0bc950ffc1ca3444ac80ee3f4050fdb3b

    SHA256

    9eefb4aeeaf69cd1fc00fabbbfd284bacb5a73b4a1f7ec1299e4cd0c507c76a6

    SHA512

    4ca2347bf31c084b319336435a6c55a25a97fe4c4d86d5b93204233f2318a265984c0416891b6eea69b17b898c2ee497f75ff713a23083de127646aef2481844

    Download Submit

  • memory/940-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download