General

  • Target

    bc2cf91a2846ca83551b54305b6ca020_NeikiAnalytics.exe

  • Size

    155KB

  • Sample

    240614-nrbfkasgkl

  • MD5

    bc2cf91a2846ca83551b54305b6ca020

  • SHA1

    891d530c9ef6487055166e49b96521b90a0577d1

  • SHA256

    7fa34e7dfd88baff02711868cc23aeda8a995b9faab0a4978ea6cf52b17a7812

  • SHA512

    afdd99633af5c33f1cee6700efa1ffb76d2de130ac5ada32013953d79c243108de170b45f01ad1e05872bd90ac60f15ce056a7ad341fdb8e57de5d3d5afe61fe

  • SSDEEP

    1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOM2kJOMIsKsc696xZA7ZhA7pApvOsOKjC0YSw:6e7WpXYvndce7WpXYvnd9

Score
9/10

Targets

    • Target

      bc2cf91a2846ca83551b54305b6ca020_NeikiAnalytics.exe

    • Size

      155KB

    Score
    9/10
    • Renames multiple (4989) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
