General
-
Target
697744a29f17fbaa6b9975f46a438c90_NeikiAnalytics
-
Size
203KB
-
Sample
240516-a9bx6acg4z
-
MD5
697744a29f17fbaa6b9975f46a438c90
-
SHA1
a7a8b14bd4ac505b5eb087de369641e638b54c22
-
SHA256
c5a69eee74c35052aeb5925550f5107507e6d37bf3a626ebfe16d97482e71738
-
SHA512
562167c3ede8fe1ffb6ee83e8082767563adbf2cfc9c740123ab9a29164ff21961e2ab6f1d00bcd2a45a5e0d1ddec39771ea33e63981a0ebe1734666070e56b4
-
SSDEEP
3072:hfAIuZAIuYSMjoqtMHfhfofAIuZAIuYSMjoqtMHfhfB:hfAIuZAIuDMVtM/WfAIuZAIuDMVtM/P
Malware Config
Targets
-
-
Target
697744a29f17fbaa6b9975f46a438c90_NeikiAnalytics
-
Size
203KB
-
MD5
697744a29f17fbaa6b9975f46a438c90
-
SHA1
a7a8b14bd4ac505b5eb087de369641e638b54c22
-
SHA256
c5a69eee74c35052aeb5925550f5107507e6d37bf3a626ebfe16d97482e71738
-
SHA512
562167c3ede8fe1ffb6ee83e8082767563adbf2cfc9c740123ab9a29164ff21961e2ab6f1d00bcd2a45a5e0d1ddec39771ea33e63981a0ebe1734666070e56b4
-
SSDEEP
3072:hfAIuZAIuYSMjoqtMHfhfofAIuZAIuYSMjoqtMHfhfB:hfAIuZAIuDMVtM/WfAIuZAIuDMVtM/P
Score9/10-
Renames multiple (3507) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-