General
-
Target
ab8a7a0e162375348a7766896e28ad00_NeikiAnalytics.exe
-
Size
370KB
-
Sample
240614-hxh5pstblp
-
MD5
ab8a7a0e162375348a7766896e28ad00
-
SHA1
eda04cefa89808fe933c3927689c5b9b6b3bfdcb
-
SHA256
c2c35839dccade3364170d9156da14b8b4991f730c3e2060adb76c5ca2e3af29
-
SHA512
6b585edee57c291d594884828af58460e225312e052bba72ae65f8bbd4de15f05db768e6d33ebcb9a02ccee4a63fcfb95ea4bbb5c10c52ee66346ea962295cf7
-
SSDEEP
6144:PC5lqo52kDzMYDJSi7+Ni2ER9Vh98+1PrEVhkQf0huIDaLOjm9:aMqzBDJkk2ERvT8MPAf/O69
Static task
static1
Behavioral task
behavioral1
Sample
ab8a7a0e162375348a7766896e28ad00_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ab8a7a0e162375348a7766896e28ad00_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
ab8a7a0e162375348a7766896e28ad00_NeikiAnalytics.exe
-
Size
370KB
-
MD5
ab8a7a0e162375348a7766896e28ad00
-
SHA1
eda04cefa89808fe933c3927689c5b9b6b3bfdcb
-
SHA256
c2c35839dccade3364170d9156da14b8b4991f730c3e2060adb76c5ca2e3af29
-
SHA512
6b585edee57c291d594884828af58460e225312e052bba72ae65f8bbd4de15f05db768e6d33ebcb9a02ccee4a63fcfb95ea4bbb5c10c52ee66346ea962295cf7
-
SSDEEP
6144:PC5lqo52kDzMYDJSi7+Ni2ER9Vh98+1PrEVhkQf0huIDaLOjm9:aMqzBDJkk2ERvT8MPAf/O69
Score9/10-
Renames multiple (1025) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-