General

  • Target

    bb1f04fb0ba65f3be9d7a05094638ea0_NeikiAnalytics.exe

  • Size

    233KB

  • Sample

    240614-nexg9sscjm

  • MD5

    bb1f04fb0ba65f3be9d7a05094638ea0

  • SHA1

    19f4964b329fced58f6e86712c64d7242585bf13

  • SHA256

    e05cd2457b46ccbebea36325c5e1f22f5d7d1c2b5120ce99eaa8d1b334404671

  • SHA512

    6ddb0047aaa977bdb83de150977eba9373099b4152a0f55ca9f79c0993fa5fb294817f6cc76a1cdbd0f63e0bbe454692f7d990934a0ba09020979f48bef4ae70

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhflixigfAIuZAIuYSMjoqtMHfhflixii:hfAIuZAIuDMVtM/CfAIuZAIuDMVtM/I

Score
9/10

Targets

    • Target

      bb1f04fb0ba65f3be9d7a05094638ea0_NeikiAnalytics.exe

    • Renames multiple (360) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
