General
Target: 9767d7965680493d1d49afa5e6451f50_NeikiAnalytics.exe
Size: 375KB
Sample: 240608-h1abzaaa9x
MD5: 9767d7965680493d1d49afa5e6451f50
SHA1: bc8dfe7cc5c58d02a17f2f662d63453b82cea4df
SHA256: d967b331406848d1ed79657a2f91ab0198e71f850de745a53e92f14afe7418e8
SHA512: 9d8d7271582e574f693760304386ba678e3fe25e0da3a97c06715219f81dbabaa33d842336c5c512ae64230e05c071faf707bf595b41221c383e82a59314b693
SSDEEP: 6144:wHm3AIuZAIuq4LDcNqUY9qjsQsOEYHnzbkPNCKmCOrgEpgD:XAIuZAIu9ca9KSBCnzbkP8KmCOrpy
Behavioral task: behavioral1
Sample: 9767d7965680493d1d49afa5e6451f50_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 9767d7965680493d1d49afa5e6451f50_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 9767d7965680493d1d49afa5e6451f50_NeikiAnalytics.exe
Score: 9/10

Renames multiple (5037) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Executes dropped EXE

Loads dropped DLL

Drops file in System32 directory