General

  • Target

    71c8eaf3dc1fe78e2d2bf56884746ff0_NeikiAnalytics.exe

  • Size

    92KB

  • Sample

    240613-lsla2sxdrp

  • MD5

    71c8eaf3dc1fe78e2d2bf56884746ff0

  • SHA1

    5cffef96b8b05c17ad6f0ab441f89a216c08fb1b

  • SHA256

    de8a43396a555648b410d024b9d98bb4a075dd7638c21dfa903bffc630384dbd

  • SHA512

    a433a32881dd96d6ca501c1ff7906af6c15e80cf6ef1190bd63427b6862dc47c00b8e92685076cf250c8ce2222877d96a1c248febf680434538604633f143321

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RYWTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RYP:KQSoskRYGQSoskRYP

Score
9/10

Targets

    • Target

      71c8eaf3dc1fe78e2d2bf56884746ff0_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (5320) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Drops file in System32 directory
