General

  • Target

    32a1f4e7264acd59b53dff71ee586930_NeikiAnalytics.exe

  • Size

    147KB

  • Sample

    240612-mcw82s1cla

  • MD5

    32a1f4e7264acd59b53dff71ee586930

  • SHA1

    f870dbfa35252b35f67652b72400af0853ed44c0

  • SHA256

    2ef7cef015b868983c42fac7e71226ba489e8ad4688d223753bb9545276ec247

  • SHA512

    7616e0279b59de92c41485699d23cb85921206009f49b3eaf14c6d84173cae4a9b6ffff80461784c85ec7e655f7205e2143eac5e73ceb4087fa2aa97431c7141

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBj:PqFF2Ie+eFnqFF2Ie+eFo

Score
9/10

Targets

    • Renames multiple (4128) files with added filename extension

      This suggests ransomware activity, encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
