General
-
Target
12be49c353f1fb5155fb64b4f85bca60_NeikiAnalytics.exe
-
Size
178KB
-
Sample
240525-ybgyhsgb29
-
MD5
12be49c353f1fb5155fb64b4f85bca60
-
SHA1
dcf762c21a2bb73f00c082c3e34c2796adb08885
-
SHA256
b08c0519faafdded9ef795a9fdaff2e4f3a9bd216ae1b1ee68f0a1cb08fc28a6
-
SHA512
2845c9fd0e0d76b37f7b4fc6285483f9e5b82bab55618cd38271657cfd8abba9cb5e38d689842684de8a51ffa4b35569ce0c27187b7b92adf6fd1ddbce1455cb
-
SSDEEP
3072:+nymCAIuZAIuYSMjo4nymCAIuZAIuYSMjoz:JmCAIuZAIuDMamCAIuZAIuDMY
Behavioral task
behavioral1
Sample
12be49c353f1fb5155fb64b4f85bca60_NeikiAnalytics.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
12be49c353f1fb5155fb64b4f85bca60_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
12be49c353f1fb5155fb64b4f85bca60_NeikiAnalytics.exe
Score
9/10
-
Renames multiple (4008) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-