General

  • Target

    1d1a58412921bee8444f9d9ab67b5e80_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240610-113bvsseje

  • MD5

    1d1a58412921bee8444f9d9ab67b5e80

  • SHA1

    12ec41a4dcb452a89215e76183015ad6c88c5b16

  • SHA256

    3de6f63afbae4ed5fb5deb97ed2fa203da5785676481a5fce63ebf781115e753

  • SHA512

    c95fece7fa01d8fa52d097bb13129f4ade6babbe91af5e7bc4b827c9b5d1c2eedb0114cd6676c8e166cc3fb7cfb55fef41fadbfc85a54e13041187db549b488e

  • SSDEEP

    1536:W7ZNLpApCZuvIYXL7ZNLpApCZuvIYXjNgNn:6NLWpCZLY5NLWpCZLYzNgNn

Score
9/10

Targets

    • Target

      1d1a58412921bee8444f9d9ab67b5e80_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (5014) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
