General

  • Target

    9767d7965680493d1d49afa5e6451f50_NeikiAnalytics.exe

  • Size

    375KB

  • Sample

    240608-h1abzaaa9x

  • MD5

    9767d7965680493d1d49afa5e6451f50

  • SHA1

    bc8dfe7cc5c58d02a17f2f662d63453b82cea4df

  • SHA256

    d967b331406848d1ed79657a2f91ab0198e71f850de745a53e92f14afe7418e8

  • SHA512

    9d8d7271582e574f693760304386ba678e3fe25e0da3a97c06715219f81dbabaa33d842336c5c512ae64230e05c071faf707bf595b41221c383e82a59314b693

  • SSDEEP

    6144:wHm3AIuZAIuq4LDcNqUY9qjsQsOEYHnzbkPNCKmCOrgEpgD:XAIuZAIu9ca9KSBCnzbkP8KmCOrpy

Score
9/10

Targets

    • Target

      9767d7965680493d1d49afa5e6451f50_NeikiAnalytics.exe

    • Renames multiple (5037) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
