Overview

overview

9

Static

static

3

36fe59ad63...cs.exe

windows7-x64

9

36fe59ad63...cs.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-07-2024 04:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36fe59ad63ea176edfe717e02ebdbf04d3abb908f01a52f1894ae65f397ef712_NeikiAnalytics.exe

  • Size

    41KB

  • MD5

    a8cb3e8f0e31ea246fd155a18b165af0

  • SHA1

    ef82f88432d0320f52f02c17c2b6b27fc8c3f9a3

  • SHA256

    36fe59ad63ea176edfe717e02ebdbf04d3abb908f01a52f1894ae65f397ef712

  • SHA512

    2f4d9b8b72b790fdecc986ba74d2c818fae6546197c5fba07bc38ee44bb52b029907eae0e2d6b11e1d5b4235f1552bc1023de7fa9b8a6cd13b542223e0177216

  • SSDEEP

    768:W7BlpppARFbhknrSLmsNw/NwuhoYh44eFZIXHFJV+hoYh44eFZIXHFJVe:W7ZppApkGvNw/Nwu6Yh44eFZIXHFJV+C

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5037) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\36fe59ad63ea176edfe717e02ebdbf04d3abb908f01a52f1894ae65f397ef712_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\36fe59ad63ea176edfe717e02ebdbf04d3abb908f01a52f1894ae65f397ef712_NeikiAnalytics.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-4204450073-1267028356-951339405-1000\desktop.ini.tmp
    Filesize

    42KB

    MD5

    6b139b85c27346ee0c1241c071b1b301

    SHA1

    466c8009117b14fb349228bbcabb420c4a927809

    SHA256

    d8a2545b6a90acb223d82fcf280bb5723a655e257514f7b8fa445a15debb5b2e

    SHA512

    fbd48c75bd467dad4b9f79ebfe515b8c998f3372474d33882665c26fc8d901d68a52d5e33e3658c9d629ee02cc897ed7dd93a2611f6455beab2c3448989a5d89

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    140KB

    MD5

    205aa6aa72401beee7997aa781ea17dd

    SHA1

    f6a560e391b82a2d4ead7457a5eab95ab8ba9c69

    SHA256

    7cb79cd909e7530e79235b6eb9d4168abbdef90cc5bfcabc3228087355430f21

    SHA512

    d6f724360d848adb54c3ef033d1790dff6ef25cb162e567afc03e9d2880749605088f938536bb71f446cdeb7dd014d24024493d1832e35b082ffec935fb6d82d

    Download Submit