General

  • Target

    4b72d02d45d2cad1b26eedec39cf2d10_NeikiAnalytics.exe

  • Size

    125KB

  • Sample

    240612-22358avajc

  • MD5

    4b72d02d45d2cad1b26eedec39cf2d10

  • SHA1

    a08a34d620dfd58553e061776f6be6d8b03f8eba

  • SHA256

    916725f5e35e1de9d39460ca4f20f2170c67219b6441794fbcf1a60c30336cd2

  • SHA512

    f7902bdc31df413d7e5c6359076306790f49bbe38f3c6a0930910f7469165c66e65fe4bdcca8c57f72bb2227cd5a9276d478d53641f3a5049d7f6c060be1d1e3

  • SSDEEP

    3072:KQSohsUsxe+erZs1o8k1o84QSohsUsxe+erZs1o8k1o8qD8:KQSohsUsxe+ewQSohsUsxe+eyD8

Score
9/10

Malware Config

Targets

    • Renames multiple (4213) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
