General

  • Target

    601cb64ac212ecf49c19d0cd5df25980_NeikiAnalytics.exe

  • Size

    153KB

  • Sample

    240613-fkfspsydmp

  • MD5

    601cb64ac212ecf49c19d0cd5df25980

  • SHA1

    93967ba38b1ddd416cb7d1c9da492d4d46938ba8

  • SHA256

    fe25ca42092f0f492a18025f2f20839c23b23e8286693b08b8e1e5b879c5c317

  • SHA512

    a51872b2d7cf92fee617bd8730715e3db6af9a00aeec0f2f2337e44d578a0b86330b32f54b5bbf8bc3fde53166cc49b62b94fce6080770beca1ff798f82b9192

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvEe7WpP9oVLQthbYY9oVLQthbUvs:RqA3qAE

Score
9/10

Targets

    • Renames multiple (4707) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
