General

  • Target

    ad137409273b85046bd67e1050d68e60_NeikiAnalytics.exe

  • Size

    155KB

  • Sample

    240614-jb6jjstfnk

  • MD5

    ad137409273b85046bd67e1050d68e60

  • SHA1

    ccb07c58455b5cc008d4017c7b0e74dfa21ca573

  • SHA256

    af2a0dd8f60fe6cec871e3a64378148c2f3fbf92e0d7adc7c1426af950d6c87b

  • SHA512

    3f3221f7db98127fa04b0cba08aac174458177f0cfeacc6dbfd1078d152f675f83381d53935c1fc5ab4ebb658ea73219f60965bd9100cdae3f2a38729f1c6fa9

  • SSDEEP

    1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOM2kJOMIsKsc696xZi7ZhA7pApvOsOKjC0YS3:6e7WpXYvndie7WpXYvndS7

Score
9/10

Targets

    • Target

      ad137409273b85046bd67e1050d68e60_NeikiAnalytics.exe

    • Renames multiple (4047) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
