General
-
Target
a3b3dc8599081dd6039de4b87ac47a00_NeikiAnalytics.exe
-
Size
122KB
-
Sample
240603-pttwcsga35
-
MD5
a3b3dc8599081dd6039de4b87ac47a00
-
SHA1
c364252c47b0ee1d6d8c96b0ec465eb3327898ae
-
SHA256
c937b35a1758f77fc6728f9ee6dc32b66d8ddc1eb0deb1a600a472b24221ae68
-
SHA512
9ca0ad0e369e77a7e2d833aaee96df2f38592191ba48ed83778165ad41856a51247f4827b05d70ee1bb3dc5cca5826dda7c147e3f10a5e4f9e84386e9f304bfc
-
SSDEEP
1536:67Zf/FAxTWY1++PJHJXA/OsIZi7Zf/FAxTWY1++PJHJXA/OsIZV:+nyibnyi8
Behavioral task
behavioral1
Sample
a3b3dc8599081dd6039de4b87ac47a00_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
a3b3dc8599081dd6039de4b87ac47a00_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
a3b3dc8599081dd6039de4b87ac47a00_NeikiAnalytics.exe
-
Size
122KB
-
MD5
a3b3dc8599081dd6039de4b87ac47a00
-
SHA1
c364252c47b0ee1d6d8c96b0ec465eb3327898ae
-
SHA256
c937b35a1758f77fc6728f9ee6dc32b66d8ddc1eb0deb1a600a472b24221ae68
-
SHA512
9ca0ad0e369e77a7e2d833aaee96df2f38592191ba48ed83778165ad41856a51247f4827b05d70ee1bb3dc5cca5826dda7c147e3f10a5e4f9e84386e9f304bfc
-
SSDEEP
1536:67Zf/FAxTWY1++PJHJXA/OsIZi7Zf/FAxTWY1++PJHJXA/OsIZV:+nyibnyi8
Score9/10-
Renames multiple (4068) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-