General
-
Target
05909bbd4b3c9e556ba87a60960d13d0_NeikiAnalytics.exe
-
Size
118KB
-
Sample
240525-wx71qadf93
-
MD5
05909bbd4b3c9e556ba87a60960d13d0
-
SHA1
18b02dc1c17226716b7fa8a483b1a12e40a6f8e6
-
SHA256
54075ed7171322a8dd809e3398941a8573b7b194a6ed667670b25da3995c741e
-
SHA512
0272c90936da2bb8e12d67061378068a1d951d994e86eb94c8d6c836f6465ed1c4579268523a01fff9b15a6737c59c1aca31e90de7fbc880edced405d54ff874
-
SSDEEP
1536:W7Z9pApQESOHepOHe8G+6E65TGAP7Z9pApQESOHepOHe8G+6E65TGAG:69WpQEJAN9WpQEJAG
Malware Config
Targets
-
-
Target
05909bbd4b3c9e556ba87a60960d13d0_NeikiAnalytics.exe
-
Size
118KB
-
MD5
05909bbd4b3c9e556ba87a60960d13d0
-
SHA1
18b02dc1c17226716b7fa8a483b1a12e40a6f8e6
-
SHA256
54075ed7171322a8dd809e3398941a8573b7b194a6ed667670b25da3995c741e
-
SHA512
0272c90936da2bb8e12d67061378068a1d951d994e86eb94c8d6c836f6465ed1c4579268523a01fff9b15a6737c59c1aca31e90de7fbc880edced405d54ff874
-
SSDEEP
1536:W7Z9pApQESOHepOHe8G+6E65TGAP7Z9pApQESOHepOHe8G+6E65TGAG:69WpQEJAN9WpQEJAG
Score9/10-
Renames multiple (4494) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-