General

  • Target

    3b06ca19cc626a91f6761c83cbbd7790_NeikiAnalytics.exe

  • Size

    165KB

  • Sample

    240617-dfs65a1dma

  • MD5

    3b06ca19cc626a91f6761c83cbbd7790

  • SHA1

    b6d70e6f6c64b0cc26be25d00250b462bcd92080

  • SHA256

    4947d2031b5fc04734f23ced255055e91ef10c5571d110e6689e28f409537212

  • SHA512

    d5023295d0fdd6e8ee458a0bfc933d7edf2cf82c626a7f598c764905972a0d6dc8aac05821a2e084f20d77bf55e6b069fc96c28e7879581a21d0fc2a91e1668d

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB/:PqFF2Ie+eFqqFF2Ie+eFT

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4075) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
