General

  • Target

    2d7a01b94b4eceaeae39b6724b918ae0_NeikiAnalytics.exe

  • Size

    194KB

  • Sample

    240612-kz9fsaxanr

  • MD5

    2d7a01b94b4eceaeae39b6724b918ae0

  • SHA1

    6ed123e949c6b73c1d711b844332f909bf9d1b5c

  • SHA256

    bdaa477caf3e55be5d5e0a5e3a5ddbcae05833144a7df63c0d05ec6d28d7f872

  • SHA512

    ef8014e6dd0b8c9886d50aca471be48dce89919632379299c65fb4f2984eb94300e1b12e59d0948eacb6f62aec63f775f25c094063d092a996149dc0e549a3cc

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEsrWpcOPxPke+e3fFpsJOfFpsJbgEb:tFPxPke+eI7FPxPke+eIb

Score
9/10

Targets

    • Renames multiple (4479) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
