General
-
Target
e691aef25308f0bcd4ace49c2a920c30_NeikiAnalytics.exe
-
Size
225KB
-
Sample
240525-vkjlxsbg42
-
MD5
e691aef25308f0bcd4ace49c2a920c30
-
SHA1
1c06f6556b36b9dbefb787c601d27fa2730a7e3f
-
SHA256
24aecb71d9d0fcc029264fd5638011b90325a1db9214e616552cdb713bf83aa1
-
SHA512
36bf77710a098bf6a8c414f7df7d32e7808aa2cdf33b8668084b6150dbe78a13a3ced806bdc8c963c904cf5118e55f50c6ffa92ea0cea7b636e22fa03f79c8ff
-
SSDEEP
6144:RqKvb0CYJ973e+eKZ0V5O9xpKbShcHUan:vvbxYX7Z0VbvUan
Static task
static1
Behavioral task
behavioral1
Sample
e691aef25308f0bcd4ace49c2a920c30_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
e691aef25308f0bcd4ace49c2a920c30_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10
-
Renames multiple (3431) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-