General

  • Target

    5e65aa8a381ba11864a17f6732e5e7c0_NeikiAnalytics.exe

  • Size

    184KB

  • Sample

    240613-e28dlsxgkq

  • MD5

    5e65aa8a381ba11864a17f6732e5e7c0

  • SHA1

    95ebaeaac1e7601339a74d147395303eb05de140

  • SHA256

    6832f0c0375d75e67fcd799c57a2ce737a36b547b499d8335558e81986fc86ea

  • SHA512

    ba7766a2e3d8659fc0a4573e7ced3643c674f98653a36dd748f6d09703e3cad6c4e6dfc89b5d3d9399f02d6201bbb47d4264bfd18e777ddb063f2e56cf6c000a

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXaee7WpMaxeb0CYJ97lEYNR73e+eKZ0VX3:RqKvb0CYJ973e+eKZ0V2qKvb0CYJ973i

Score
9/10

Targets

    • Target

      5e65aa8a381ba11864a17f6732e5e7c0_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (840) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
