General

  • Target

    ad7e5a90b42c56e7722536a81256a970_NeikiAnalytics.exe

  • Size

    119KB

  • Sample

    240614-jfz8bsthkk

  • MD5

    ad7e5a90b42c56e7722536a81256a970

  • SHA1

    896612c0a39c028e1dc0e29dd3d19595d690b70b

  • SHA256

    caea87652d62fe19c68f665ef736454eedd0b96fc912a50ad8a166b9f8b267f5

  • SHA512

    9fcb2cd5ac8b66d5dc7a20514a5e71433e8a820ea3f23338c186e356b79d7bde1ac9311bff7cbcd422ed2961627fcf9952f922381cab14f7bb8cdfca4e3eb543

  • SSDEEP

    3072:KQSohsUsxe+erZs1o8k1o8MQSohsUsxe+erZs1o8k1o8J:KQSohsUsxe+eEQSohsUsxe+eB

Score
9/10

Targets

    • Renames multiple (1164) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
