General
-
Target
2e8cea0e1a3ae4283cc55017bdeec4d0_NeikiAnalytics.exe
-
Size
94KB
-
Sample
240612-lam2xsxcmf
-
MD5
2e8cea0e1a3ae4283cc55017bdeec4d0
-
SHA1
c1757f86f1ee1dd6c8f5f138cafd996949a5162e
-
SHA256
fb3070b9d279361f38bbf46e91850b2899d3cbe69941e8dfd880a2a9cf50bd58
-
SHA512
349ced48f9ec9fee601304b147c6625ec4e8a0c6e26ff5c12f147fe5159ccbb6a3d366052344b47e491c69cd509e8148d144e7ba3d99806164710ba577dffed4
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RY3TWn1++PJHJXA/OsIZfzc3/Q8Q8/8RYg:KQSoskRYTQSoskRYg
Behavioral task
behavioral1
Sample
2e8cea0e1a3ae4283cc55017bdeec4d0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2e8cea0e1a3ae4283cc55017bdeec4d0_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
2e8cea0e1a3ae4283cc55017bdeec4d0_NeikiAnalytics.exe
-
Size
94KB
-
MD5
2e8cea0e1a3ae4283cc55017bdeec4d0
-
SHA1
c1757f86f1ee1dd6c8f5f138cafd996949a5162e
-
SHA256
fb3070b9d279361f38bbf46e91850b2899d3cbe69941e8dfd880a2a9cf50bd58
-
SHA512
349ced48f9ec9fee601304b147c6625ec4e8a0c6e26ff5c12f147fe5159ccbb6a3d366052344b47e491c69cd509e8148d144e7ba3d99806164710ba577dffed4
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RY3TWn1++PJHJXA/OsIZfzc3/Q8Q8/8RYg:KQSoskRYTQSoskRYg
Score9/10-
Renames multiple (5365) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-