General

  • Target

    0f817c2745b0dce6a3eb328515a01570_NeikiAnalytics.exe

  • Size

    215KB

  • Sample

    240527-xvtwrafg45

  • MD5

    0f817c2745b0dce6a3eb328515a01570

  • SHA1

    511e6eda5d4e1c9f6c93fd18e5fab8cd9c71c37a

  • SHA256

    b88f44511ece29e9d2715fd6a7b345ebdea32e221de67a4c1037b910f5606279

  • SHA512

    949c42e7d26a7cf8689fdfe3afb90f4b78fdc8db407a0b0355afde1e72deadcaaad480435725ed6b40e0cf0279a396812d6eddec5a0629290ce5c06d6ab89361

  • SSDEEP

    3072:6DWpwE7oL2e+efZwZ2D98HpKI6GCLOwstyhZFChcssc56FUrgxvbSD4UQrO2LxV:dN/e+efiM9GpKbShcHUav

Score
9/10

Targets

    • Renames multiple (3532) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
