General
-
Target
406a03405cd302d3c3edd2a50b44b310_NeikiAnalytics.exe
-
Size
88KB
-
Sample
240522-1calyahf24
-
MD5
406a03405cd302d3c3edd2a50b44b310
-
SHA1
a65d7158abd192c43cf50030919187f188259219
-
SHA256
26373da754847374bc30f7036df70cc9c9a33346aaad6ea33279b6b1d0aa0547
-
SHA512
ddca1776e567020fdd80ba4fca716fc04dd63073ba1c21c2e56037f5986dec9cb226542887fda5f4a61fafa55a7e9a488f146a03331ba411d67bf869cc90eb27
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUs7TWn1++PJHJXA/OsIZfzc3/Q8asUsJC6CZ:KQSohsUsvQSohsUsJ5u
Behavioral task
behavioral1
Sample
406a03405cd302d3c3edd2a50b44b310_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
406a03405cd302d3c3edd2a50b44b310_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
406a03405cd302d3c3edd2a50b44b310_NeikiAnalytics.exe
-
Score
9/10
-
Renames multiple (1224) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-