General

  • Target

    ab8a7a0e162375348a7766896e28ad00_NeikiAnalytics.exe

  • Size

    370KB

  • Sample

    240614-hxh5pstblp

  • MD5

    ab8a7a0e162375348a7766896e28ad00

  • SHA1

    eda04cefa89808fe933c3927689c5b9b6b3bfdcb

  • SHA256

    c2c35839dccade3364170d9156da14b8b4991f730c3e2060adb76c5ca2e3af29

  • SHA512

    6b585edee57c291d594884828af58460e225312e052bba72ae65f8bbd4de15f05db768e6d33ebcb9a02ccee4a63fcfb95ea4bbb5c10c52ee66346ea962295cf7

  • SSDEEP

    6144:PC5lqo52kDzMYDJSi7+Ni2ER9Vh98+1PrEVhkQf0huIDaLOjm9:aMqzBDJkk2ERvT8MPAf/O69

Score
9/10

Targets

    • Renames multiple (1025) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
