General

  • Target

    d00e49cb35b38fafba30e5274dc2bff0_NeikiAnalytics.exe

  • Size

    716KB

  • Sample

    240616-dkb4ea1cnj

  • MD5

    d00e49cb35b38fafba30e5274dc2bff0

  • SHA1

    db914d924500169b8c5fb9db6f3a1edb42f6cabf

  • SHA256

    93fa5e683b15d68f13295aa7ee36e25d6a4974c1c0e7e294acf989088f6ec96e

  • SHA512

    f7513b1430ebec61b8f7db253bc3a38135faad1f14bfd8d735d4a1c02885c2ccb08d8d2153d9244e6a3a52642c4f84c7adc50f94bbb977d78ded11efb2c5588c

  • SSDEEP

    12288:VQtyZGtKgZGtK/CAIuZAIuMQtyZGtKgZGtK/CAIuZAIuygnQtyZGtKgZGtK/CAIN:VItNItTgnItNItTg6

Score
9/10

Targets

    • Renames multiple (3455) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
