General

  • Target

    39b250af0db743dd579fd54f43c95c60_NeikiAnalytics.exe

  • Size

    90KB

  • Sample

    240617-dagwxa1blg

  • MD5

    39b250af0db743dd579fd54f43c95c60

  • SHA1

    1289a92744441cfeb301ded703077c531457ba8f

  • SHA256

    3d1859ec316c700693592565aeab6501b078998b2f31627c673a9a1fea76b315

  • SHA512

    b914fd3934275638e650083e46d384fc8e83918815fb869ad9f890125570f75b61797d0aec11599372047f3dfaa0dcd5c452d803847389ce885e77de489c8943

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8UTWn1++PJHJXA/OsIZfzc3/Q8k:KQSo7QSor

Score
9/10

Targets

    • Renames multiple (4902) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
