Overview

overview

9

Static

static

3

333df0eb9a...cs.exe

windows7-x64

9

333df0eb9a...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    73s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-07-2024 03:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe

  • Size

    37KB

  • MD5

    79e95a0594c2d4a042132fb469fce3c0

  • SHA1

    4d05da6972beb4517f4eecf50b82ccb54e9328f7

  • SHA256

    333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e

  • SHA512

    018f5f99e1a941b80d6e8d066354c2f30ecb4529059a40da33b0b9450a6741c063bf7ef458723d1cc7285d0876aca945ee9fe1ca75fde5bacb3bce95827ecd85

  • SSDEEP

    384:GBt7Br5xjL9AgA71FbhvuNBN2TQ1nrSLmnsNw/NwLux:W7BlpppARFbhknrSLmsNw/Nwy

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (1994) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:5112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-4124900551-4068476067-3491212533-1000\desktop.ini.tmp
    Filesize

    37KB

    MD5

    ea121e22c9b1830cdd1dc4273a50a2d3

    SHA1

    cefd44403bf0365b9a956d850a5087cdaa62d63a

    SHA256

    8c419aeca94ef3390d7a6bfc79f636221cac66e2dddea002af3588dd4c2c845d

    SHA512

    e7275db2ef9b8d0e6b080260d11973a161f31b98e2f0afadef52d15b1b73e8214c7ced7099c6838d83d59c2bd02d0996c829161bfe53c59e22d41aabf4ca4da2

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    136KB

    MD5

    8e257291c3a62fe1870ac331857431f4

    SHA1

    bbb152d8d9511d23de935c82082bc24ceb79a29e

    SHA256

    ea67f12a43bf67ee5276b6babfac640465effcafd11efe522b19d6f43b3ac6ec

    SHA512

    7b21317988012c7335935dc8cc90ed99930e1d77cecfc57d066cb51b5795b3ed2cde77871b74107b34b9e2171039676d8f571f05e779b6b755e7dd009fdd961e

    Download Submit