General

  • Target

    a6f79d90c68f4e59d3736068202d7700_NeikiAnalytics.exe

  • Size

    185KB

  • Sample

    240614-gf5fya1cql

  • MD5

    a6f79d90c68f4e59d3736068202d7700

  • SHA1

    59afeab6b6650da90d3b077df6c497d56aa9cf36

  • SHA256

    b8ec9c414692e3ce7103d454d14c0c4badfb56e972c0d94945737525737a92ab

  • SHA512

    455366e876c772b3c78bc5ee133790fd1913af51fcad5e33d721a50f0ec71900bbfaf7f18282f8285dd46c454022ffa6fb9e18b08cc0d79fb717ebe4a6df18d7

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXade7WpMaxeb0CYJ97lEYNR73e+eKZ0VXs:RqKvb0CYJ973e+eKZ0V3qKvb0CYJ973t

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4252) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
