General
Target: fac1d6c8a406f2fa03194dbe54bfc920_NeikiAnalytics.exe
Size: 198KB
Sample: 240523-hpn1zsgg9z
MD5: fac1d6c8a406f2fa03194dbe54bfc920
SHA1: f3259f09735424d2256c42f783d6f162f8867f66
SHA256: 194991a3305e13f356444f88e74844a3d4da65b9419f8a105ead62697355b82f
SHA512: 60c6cab29209a91d8cb7ff6c90acdef4de4ba5fcd6f9b71249817d3e518c181734cb27d98b97aaff6096bcc70b46551f9c8030fc7b4691d41bb079986ddb2b58
SSDEEP: 3072:6e7WpoYvHYvIe7Wpxe7WpoYvHYvIe7Wp8:RqySHSrqqqySHSrqG
Static task: static1
Behavioral task: behavioral1
Sample: fac1d6c8a406f2fa03194dbe54bfc920_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fac1d6c8a406f2fa03194dbe54bfc920_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: fac1d6c8a406f2fa03194dbe54bfc920_NeikiAnalytics.exe
Score: 9/10
Renames multiple (3663) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory