General

  • Target

    4f39a13ac6e9692fc33dde5271a6b2a0_NeikiAnalytics.exe

  • Size

    152KB

  • Sample

    240613-ah4tvswglg

  • MD5

    4f39a13ac6e9692fc33dde5271a6b2a0

  • SHA1

    d2fe05fc75fdfca32f7b8b5ea6516c7bbaa7d504

  • SHA256

    282e6f427700317b8eb06d23e63b113dc1030c4461e77726f76bf30ed62fd854

  • SHA512

    41b798446e1d915fcf101372f89bb748e84025aaf54a5dfd19482c451f1b3e9828360a055e0a84aa680e7af14563aa4738e476281029a99933706675f250237b

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBk:PqFF2Ie+eFgqFF2Ie+eFK

Score
9/10

Targets

    • Target

      4f39a13ac6e9692fc33dde5271a6b2a0_NeikiAnalytics.exe

    • Renames multiple (4773) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
