General

  • Target

    36c5aa7046280d996ae418226b23b2054c83d02768bc52c95048f5b046ee844d_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240620-fmapgavbpp

  • MD5

    2bf92e0a70e1042dd83476fbc9c320a0

  • SHA1

    d10771f4cdf1b5079efb7dfd1f4e3bb26897afe7

  • SHA256

    36c5aa7046280d996ae418226b23b2054c83d02768bc52c95048f5b046ee844d

  • SHA512

    7f86f7b1195f2acdd86de7e593b855ff11f5c4b88188a05f4aff6be8efbbe1170caf0bf34f1cdb8f3d48ce5dc4fcfd06e20945e09204f533b8bec6077f900d8e

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8ZTWn1++PJHJXA/OsIZfzc3/Q8C:KQSo2QSop

Score
9/10

Targets

    • Renames multiple (4745) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
