General
-
Target
ae2e82babfd55c489dddd7f6b8e62790_NeikiAnalytics.exe
-
Size
167KB
-
Sample
240524-sfmfxaad35
-
MD5
ae2e82babfd55c489dddd7f6b8e62790
-
SHA1
d2ef1174bf8d646de8eb05d0ab31665d853f4680
-
SHA256
86480662cf62eb3728eb20a43b3dbda12f641382d86020fa94601801a6ab74f7
-
SHA512
507790e917cff6b3580c721876f51324e2c970f08e4aa7b93802d85064e83bf76fa8a83c73279980eabab4b9860865d6985b532732638372268b1e435756ec73
-
SSDEEP
3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXa3e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXF:RqKvb0CYJ973e+eKZ0V1qKvb0CYJ973s
Static task
static1
Behavioral task
behavioral1
Sample
ae2e82babfd55c489dddd7f6b8e62790_NeikiAnalytics.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ae2e82babfd55c489dddd7f6b8e62790_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
ae2e82babfd55c489dddd7f6b8e62790_NeikiAnalytics.exe
-
Score
9/10
-
Renames multiple (4000) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-