General

  • Target

    9c62ad1fd3b04aa0fad7af3e13ff2060_NEIKI

  • Size

    184KB

  • Sample

    240508-n51mlsbd5x

  • MD5

    9c62ad1fd3b04aa0fad7af3e13ff2060

  • SHA1

    6af9515fc7eb8eac01142c2b25b38a83131ab465

  • SHA256

    068859ab72cd910857d200af9f82bc8e1aed731267f1cafd539a0ec76458f3ae

  • SHA512

    736c951dcccc4b874db7a7f964f331793df7a4d0d0b3943352e6111af82f25a4bcff10e3a8655dc6e2ad1bd6ed32d05683e343faed7304ba9d0d62b9fee56a8b

  • SSDEEP

    3072:6e7WpnhkElEa0NQn0NQie+e3e7WpnhkElEa0NQn0NQie+eX:RqthOe+euqthOe+eX

Score
9/10

Targets

    • Renames multiple (3562) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
