General
-
Target
1e59a3979c557eaffb43923c012577f0_NeikiAnalytics.exe
-
Size
186KB
-
Sample
240610-2wpqmstgja
-
MD5
1e59a3979c557eaffb43923c012577f0
-
SHA1
2323182de2ee415f2ff5d6409f6edcda4dde7fce
-
SHA256
61750c0cbb129cae2dc63d249bc99a8761ca2262ae896a278763f23cb181f97d
-
SHA512
bcea317dbc38b4a4b8926916cc0282831a9a2a620a4ef95b231c496a16f183a62345fc8e8aac9eb6381296ff0c75d10f61fb5297863728e6a11737cd2ea5801a
-
SSDEEP
3072:KQSodY0dj/xdxuPgkDQSodY0dj/xdxuPgklXgXv:KQSodY05UIkDQSodY05UIklXgXv
Behavioral task
behavioral1
Sample
1e59a3979c557eaffb43923c012577f0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1e59a3979c557eaffb43923c012577f0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
1e59a3979c557eaffb43923c012577f0_NeikiAnalytics.exe
-
Score
9/10
-
Renames multiple (3607) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-