General

  • Target

    2f405d457c17cd879ae31944a921a160_NeikiAnalytics.exe

  • Size

    159KB

  • Sample

    240617-b1lxfaybmg

  • MD5

    2f405d457c17cd879ae31944a921a160

  • SHA1

    0d91cd183a8ef95d20b092061c9abf950a08766a

  • SHA256

    5d189cebce635ac01088b0c845267b3fe795363a63fd8365f87a9260a4513493

  • SHA512

    cc6fcdf3a9047c01e642d9ec7b031ab97588a57181c1768340c0d48202c6d6412c43f10b0dfb4889b191fae753fd51f621d6d85811354bf876c8449619beea01

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvXe7WpP9oVLQthbYY9oVLQthbUvTdd:RqA2qArdd

Score
9/10

Targets

    • Target

      2f405d457c17cd879ae31944a921a160_NeikiAnalytics.exe

    • Renames multiple (4174) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
