General

  • Target

    5f76667bd99c9aae7919aee0b5050880_NeikiAnalytics.exe

  • Size

    185KB

  • Sample

    240613-fdc38sybln

  • MD5

    5f76667bd99c9aae7919aee0b5050880

  • SHA1

    6953ae5a62f877e0d6c684df67eca594446eee47

  • SHA256

    81e49c38d8eced5bc7399cf17d5f5b5a93ac5aee267cacccfedd51e17222c5b7

  • SHA512

    a0fb2a87ddd014ad3c03f4ab4f6bc42bda8761a94a3d116934ac44ba61cbf9ca0636f3d76a4b2ee82216a00e7097e942c324776681e0eed798fc193ecc48af4d

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXaPe7WpMaxeb0CYJ97lEYNR73e+eKZ0VXM:RqKvb0CYJ973e+eKZ0VlqKvb0CYJ9739

Score
9/10

Targets

    • Target

      5f76667bd99c9aae7919aee0b5050880_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (776) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
