General

  • Target

    208c98398f4442899d0e8cbf390ccf70_NeikiAnalytics.exe

  • Size

    166KB

  • Sample

    240611-ak8ktsxall

  • MD5

    208c98398f4442899d0e8cbf390ccf70

  • SHA1

    a3c001f654598968f7f3b001ce86f22c00e27193

  • SHA256

    711248037a4d3bf5fcd2cc8b9463c7bb9dd8ff8d2a39e43244b6af3c868d478e

  • SHA512

    c89a8428dbdc982044c8a93279e5943ade8a3082256d0f4c1fe1bd8615aaf336778b35325ac434114f91d754b54cf0df0ad3ac955c4059941adb3e4f907a71af

  • SSDEEP

    3072:6DWpwE7oL2e+efZwZ08i88DWpwE7oL2e+efZwZ08i88H0:dN/e+efimJMN/e+efimJy

Score
9/10

Targets

    • Target

      208c98398f4442899d0e8cbf390ccf70_NeikiAnalytics.exe

    • Renames multiple (3909) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
