General
Target
77db9f61faa0f5d2d4186eeaf7eaf470_NeikiAnalytics.exe
Size
181KB
Sample
240602-2h2haahe6w
MD5
77db9f61faa0f5d2d4186eeaf7eaf470
SHA1
adf638534887b5adf87692125abea72104d22e3d
SHA256
03144ff47246e9e89153cce6732269d8de5ac88b895471c0eb8bf560c6297c49
SHA512
04d3f7394b7149da658eeb14ed94bb95678f084abbc9b09786fc33dd0ccfbc8653dc2c3af527087ac257a3df85de6d267aacfc17fb5735dc1111319d6a81463f
SSDEEP
3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEOrWpcOPxPke+e3fFpsJOfFpsJbgEv:tFPxPke+eIRFPxPke+eIv
Static task
static1
Behavioral task
behavioral1
Sample
77db9f61faa0f5d2d4186eeaf7eaf470_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
77db9f61faa0f5d2d4186eeaf7eaf470_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10
Renames multiple (3596) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory