General
-
Target
a6f79d90c68f4e59d3736068202d7700_NeikiAnalytics.exe
-
Size
185KB
-
Sample
240614-gf5fya1cql
-
MD5
a6f79d90c68f4e59d3736068202d7700
-
SHA1
59afeab6b6650da90d3b077df6c497d56aa9cf36
-
SHA256
b8ec9c414692e3ce7103d454d14c0c4badfb56e972c0d94945737525737a92ab
-
SHA512
455366e876c772b3c78bc5ee133790fd1913af51fcad5e33d721a50f0ec71900bbfaf7f18282f8285dd46c454022ffa6fb9e18b08cc0d79fb717ebe4a6df18d7
-
SSDEEP
3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXade7WpMaxeb0CYJ97lEYNR73e+eKZ0VXs:RqKvb0CYJ973e+eKZ0V3qKvb0CYJ973t
Static task
static1
Behavioral task
behavioral1
Sample
a6f79d90c68f4e59d3736068202d7700_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a6f79d90c68f4e59d3736068202d7700_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10
-
Renames multiple (4252) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-