General

  • Target

    36669aa5c9f9ef599ac8917be737bb786f43dff3eca46867b9ef53490aed0918_NeikiAnalytics.exe

  • Size

    140KB

  • Sample

    240620-fjw4aszdnh

  • MD5

    5b97b85c8ce2bb426c99e589abc6a7e0

  • SHA1

    28deb891e9ee0f4b93fc1c81e3b5b8c1a2bf4318

  • SHA256

    36669aa5c9f9ef599ac8917be737bb786f43dff3eca46867b9ef53490aed0918

  • SHA512

    287dd4baa46260a6e025e67f69d16f2c7e225b8ef21f421c3c993e7dd17a57c77c873046b3bd5aedcbf20982ba7f007b7ae0cadc16577e95476b61408fb2dba9

  • SSDEEP

    3072:KQSohsUsxe+erZLZ+QSohsUsxe+erZLZ1:KQSohsUsxe+e+QSohsUsxe+e1

Score
9/10

Targets

    • Target

      36669aa5c9f9ef599ac8917be737bb786f43dff3eca46867b9ef53490aed0918_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4268) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
