General

  • Target

    96d1531b6af5075a7a2f6c0941760270_NeikiAnalytics.exe

  • Size

    156KB

  • Sample

    240617-qq7hqasgld

  • MD5

    96d1531b6af5075a7a2f6c0941760270

  • SHA1

    80e9e857882f6df29e9b7013e7f51bfd6451ed99

  • SHA256

    4fa279300e25cde89f423ffa1aa4b65724438982ada3ab04c7494b2bd2acb48e

  • SHA512

    82ef9af7afeb0e722b9ab70bc9e352b78a7c8e46c41d0d1426123ecc3cd31a97ab0fc2f690a05e1671604a8a0b6bffe5fd26ec6c79f9aa813d3f772e40dd7f28

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBG:PqFF2Ie+eFwqFF2Ie+eF8

Score
9/10

Targets

    • Target

      96d1531b6af5075a7a2f6c0941760270_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (945) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
