General

  • Target

    8356089caa69ee01b38414a1c4295f70_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240617-nes5vasdkn

  • MD5

    8356089caa69ee01b38414a1c4295f70

  • SHA1

    ba4c9b8f0fe24137eb05a5ce2d4aab7ef7580321

  • SHA256

    f15f213ef6871f55f9015e124e22a6e3cb16c307748dffd1c857c37a875b7d41

  • SHA512

    6026f124db1f85cb43c57d32a88a6767ffca1640ca123eabea69e8a74ead27833e1be71d238894fc8697d82e405d80dfc56f2861ed7ff358bedb09374a44b4b7

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8vTWn1++PJHJXA/OsIZfzc3/Q8J:fnyiQSoAQSo6

Score
9/10

Malware Config

Targets

    • Target

      8356089caa69ee01b38414a1c4295f70_NeikiAnalytics.exe

    • Size

      115KB

    • MD5

      8356089caa69ee01b38414a1c4295f70

    • SHA1

      ba4c9b8f0fe24137eb05a5ce2d4aab7ef7580321

    • SHA256

      f15f213ef6871f55f9015e124e22a6e3cb16c307748dffd1c857c37a875b7d41

    • SHA512

      6026f124db1f85cb43c57d32a88a6767ffca1640ca123eabea69e8a74ead27833e1be71d238894fc8697d82e405d80dfc56f2861ed7ff358bedb09374a44b4b7

    • SSDEEP

      1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8vTWn1++PJHJXA/OsIZfzc3/Q8J:fnyiQSoAQSo6

    Score
    9/10
    • Renames multiple (3434) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks