General

  • Target

    6161795e7036893ec288dcb22677fac0_NeikiAnalytics.exe

  • Size

    116KB

  • Sample

    240613-fyvh1svhkd

  • MD5

    6161795e7036893ec288dcb22677fac0

  • SHA1

    a3287bded1cc806ec1d5a302b5722acef543a8cb

  • SHA256

    84cf71f69a8f8dddbd204e2fa1e5b7677946e387b8e370d45b91c5498e33717d

  • SHA512

    4de923525012a7da74f6a05a17807e3d6f105759de1de80ad8c773ac382faac5308a1ef634a61bc6ecba33c3f84d2e14774a95eb5fd9c2dbfba87fe0c0ddf6d7

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsTq5q9BVI2I0TWn1++PJHJXA/OsIZfzc3/Qh:KQSohsUsWU9BK3kQSohsUsWU9BK3T

Score
9/10

Targets

    • Renames multiple (4295) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
