General
-
Target
96d1531b6af5075a7a2f6c0941760270_NeikiAnalytics.exe
-
Size
156KB
-
Sample
240617-qq7hqasgld
-
MD5
96d1531b6af5075a7a2f6c0941760270
-
SHA1
80e9e857882f6df29e9b7013e7f51bfd6451ed99
-
SHA256
4fa279300e25cde89f423ffa1aa4b65724438982ada3ab04c7494b2bd2acb48e
-
SHA512
82ef9af7afeb0e722b9ab70bc9e352b78a7c8e46c41d0d1426123ecc3cd31a97ab0fc2f690a05e1671604a8a0b6bffe5fd26ec6c79f9aa813d3f772e40dd7f28
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBG:PqFF2Ie+eFwqFF2Ie+eF8
Static task
static1
Behavioral task
behavioral1
Sample
96d1531b6af5075a7a2f6c0941760270_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
96d1531b6af5075a7a2f6c0941760270_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
96d1531b6af5075a7a2f6c0941760270_NeikiAnalytics.exe
-
Size
156KB
-
MD5
96d1531b6af5075a7a2f6c0941760270
-
SHA1
80e9e857882f6df29e9b7013e7f51bfd6451ed99
-
SHA256
4fa279300e25cde89f423ffa1aa4b65724438982ada3ab04c7494b2bd2acb48e
-
SHA512
82ef9af7afeb0e722b9ab70bc9e352b78a7c8e46c41d0d1426123ecc3cd31a97ab0fc2f690a05e1671604a8a0b6bffe5fd26ec6c79f9aa813d3f772e40dd7f28
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBG:PqFF2Ie+eFwqFF2Ie+eF8
Score9/10-
Renames multiple (945) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-