General

  • Target

    1e59a3979c557eaffb43923c012577f0_NeikiAnalytics.exe

  • Size

    186KB

  • Sample

    240610-2wpqmstgja

  • MD5

    1e59a3979c557eaffb43923c012577f0

  • SHA1

    2323182de2ee415f2ff5d6409f6edcda4dde7fce

  • SHA256

    61750c0cbb129cae2dc63d249bc99a8761ca2262ae896a278763f23cb181f97d

  • SHA512

    bcea317dbc38b4a4b8926916cc0282831a9a2a620a4ef95b231c496a16f183a62345fc8e8aac9eb6381296ff0c75d10f61fb5297863728e6a11737cd2ea5801a

  • SSDEEP

    3072:KQSodY0dj/xdxuPgkDQSodY0dj/xdxuPgklXgXv:KQSodY05UIkDQSodY05UIklXgXv

Score
9/10

Targets

    • Target

      1e59a3979c557eaffb43923c012577f0_NeikiAnalytics.exe

    • Renames multiple (3607) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
