General
-
Target
a28e0adffa58b67e58c873f676810f30_NeikiAnalytics.exe
-
Size
157KB
-
Sample
240525-nts4dsff25
-
MD5
a28e0adffa58b67e58c873f676810f30
-
SHA1
86bb3c6ce0c54c0be3981b86213f9864d7fadeed
-
SHA256
77af4582a491ee16860a4289e76f01b29be3d08aa5aef68d267fccd5729c0607
-
SHA512
3fb22c98b48ca35dfd25276073f0c7ad4ee4fde16b30f4cbb46f61d31b9ee8e2d5ab6566f84b7ba8c598b076920fda2d545178317e787cec96e89d95c42ef815
-
SSDEEP
3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZFe7WpMaxeb0CYJ97lEYNR73e+eKZe:RqKvb0CYJ973e+eKZAqKvb0CYJ973e+M
Static task
static1
Behavioral task
behavioral1
Sample
a28e0adffa58b67e58c873f676810f30_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a28e0adffa58b67e58c873f676810f30_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
a28e0adffa58b67e58c873f676810f30_NeikiAnalytics.exe
Score
9/10
-
Renames multiple (4531) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-