General

  • Target

    5ec9c84ea5a54ec35e936c93b41e22b0_NeikiAnalytics.exe

  • Size

    117KB

  • Sample

    240613-e6zbhaxhkm

  • MD5

    5ec9c84ea5a54ec35e936c93b41e22b0

  • SHA1

    97f11de9582692fdda39b9188bdd1f7e3eb7dc78

  • SHA256

    bfeb932d3b3275a5c3fd8fa998e34ea6caf7f7dd36a03ee89df2932b0c842c71

  • SHA512

    30d284c8b20c8f1b81f41921028ba904eb3e9603ecd476556697c96d19199237c61986523431ff6bac6dae5de459ffe5db04d7d9cc2f85aab57462fddc9fade4

  • SSDEEP

    3072:KQSohsUsxe+erZs1o8k1o8fQSohsUsxe+erZs1o8k1o8J:KQSohsUsxe+eHQSohsUsxe+eB

Score
9/10

Targets

    • Renames multiple (4243) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
