General

  • Target

    8a3501ae58e13338c942405606f93640_NeikiAnalytics.exe

  • Size

    162KB

  • Sample

    240617-paebkazdjh

  • MD5

    8a3501ae58e13338c942405606f93640

  • SHA1

    0f8f38965d3b3ae1dc06308a814b51127ee787a2

  • SHA256

    75e52ba7b2bb962068c1a1b147c952505cd0998f400c6775b14a066ea5992f86

  • SHA512

    aeca9466abe3dcff90d8fa5938b8b8667512f8393a06b81b57e1cf99e72b5b9821654d8ebcabe56bc5d31b4cc07c049d4412397af596553a53a2d14d6aca150f

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvCe7WpP9oVLQthbYY9oVLQthbUv7:RqARqAT

Score
9/10

Targets

    • Target

      8a3501ae58e13338c942405606f93640_NeikiAnalytics.exe

    • Renames multiple (4475) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
