General

  • Target

    cf013113a28832d19340dd8a54cff540_NeikiAnalytics.exe

  • Size

    94KB

  • Sample

    240616-dbcctazhnp

  • MD5

    cf013113a28832d19340dd8a54cff540

  • SHA1

    5b6b543a59d25804aebe8a834ca862aee2647018

  • SHA256

    421a07b6523aaaf1254b3e294ad67bd1c869b7e9d9f98c1f77d217eb01cdb36c

  • SHA512

    db731fc6f4e4ad0431ca434be771f859bb6536aca473ff3a7788c30074f35ab6531bbf7beb3270f663cff4b371685e898a0c5a36eccb8e073c9690e8f51c45c2

  • SSDEEP

    1536:/7ZQpApze+eJfFpsJOfFpsJE7ZQpApze+eJfFpsJOfFpsJ6:9QWpze+eJfFpsJOfFpsJEQWpze+eJfFP

Score
9/10

Targets

    • Target

      cf013113a28832d19340dd8a54cff540_NeikiAnalytics.exe

    • Renames multiple (4356) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
