General

  • Target

    2c8bb039972e456441e799bd742a32e0_NeikiAnalytics.exe

  • Size

    177KB

  • Sample

    240612-kn4fdswepd

  • MD5

    2c8bb039972e456441e799bd742a32e0

  • SHA1

    8d54d30eed43168d695ce3e445560f8528e77aa1

  • SHA256

    8c17e52f034de6cc1e85a40cf2e9d317435ba332746c41ae57743d1a615acdf8

  • SHA512

    08f5e5ae92a66700c5f9daed54669051dff92d943778ae77c23c951d9157288c64bfaa7719c42dc5582bfd10e1e70811ffd24aeca77b092babc591140d107e63

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvwe7WpP9oVLQthbYY9oVLQthbUvT:RqArqAb

Score
9/10

Targets

    • Target

      2c8bb039972e456441e799bd742a32e0_NeikiAnalytics.exe

    • Renames multiple (4143) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
