General

  • Target

    3afab4af1444b783803efa519a103650_NeikiAnalytics.exe

  • Size

    163KB

  • Sample

    240617-dfezhavgpn

  • MD5

    3afab4af1444b783803efa519a103650

  • SHA1

    c7819e01f30ba0c9e975efc2c4fab57f04f048e2

  • SHA256

    20c095fa88b3afc74c1d8130feaacdb3808224f27a3e025b76364eefe821d2c3

  • SHA512

    6108635b786511c4a34b44c25f1e2607c6a0959cad54c3ca9e5dd3e7902b6de85be25cc12a4a4ff52b2d2e075e5b6730b3ec76ccce3bda177f36fe59edc1962a

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvCe7WpP9oVLQthbYY9oVLQthbUveGejGeN:RqABqA0

Score
9/10

Targets

    • Target

      3afab4af1444b783803efa519a103650_NeikiAnalytics.exe

    • Renames multiple (622) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
