General
Target: 240617-cm3hpszckc_pw_infected.zip
Size: 20KB
Sample: 240617-cqgqeatgml
MD5: 5a0e90f5b5d157e629197cef059347fc
SHA1: 718cf2e3af0b9a9e4840770a172930aa3a0b1714
SHA256: 16ead47642eeba18bc86c87188d2f323154469d5286892cadbcb94946489402a
SHA512: e9038de29d0b6faf3dd6da7de913c7c4a40f247f0184e9753fdaf3417c531cf0907fc66a61d16c0dad350cba2f8332fdcba47b881f5e61dd3281a5e545827174
SSDEEP: 384:re1bAQ+nHyeEi70fvAX3CHfGGrNPp23rImpe/IORmJ3o/3iHVIz8W9RIv:reFUHREi70HAuGG+blORI3FVIQW92
Static task: static1
Behavioral task: behavioral1
Sample: 34bf4fe275901c9cab84fa663f3dfab0_NeikiAnalytics.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 34bf4fe275901c9cab84fa663f3dfab0_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 34bf4fe275901c9cab84fa663f3dfab0_NeikiAnalytics.exe
Size: 82KB
MD5: 34bf4fe275901c9cab84fa663f3dfab0
SHA1: c9c6c387170995986a82df089b982670204c2ab0
SHA256: 05ebeef6bc15085a27995d2ca7633faaafdf738040c41141228a59bc5f986cb8
SHA512: 0fc8d55dad5c92b4636a367738a527075c40ee5f53c0e3ffb952e5cf9a0a77c528525d5b8b1ac086edd02940df12aea5caaa19caf1b19732fbb954dda12b0930
SSDEEP: 1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhX:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsm
Score: 9/10
Renames multiple (197) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.