General

  • Target

    37ea1e32249256d4ad19a73674017350b9c6a4e6d3c621212b333d9061fbb904_NeikiAnalytics.exe

  • Size

    64KB

  • Sample

    240620-fvj8wavfjp

  • MD5

    f0e4307975356beba5582cc9e13fcb50

  • SHA1

    a81e78b4887ed7d6001d249ddc64bd66ea984393

  • SHA256

    37ea1e32249256d4ad19a73674017350b9c6a4e6d3c621212b333d9061fbb904

  • SHA512

    d914fb3f1ea0e8809800b0bb6c100460ea0ee2646c80cd7d21d35539efb6b3c6e839b5c150dc1ed0322d0eea403bc2e9c67de00a07a5b3d26c23230231b46eef

  • SSDEEP

    384:GBt7Br5xjL9AgA71FbhvuNBNhaBt7Br5xjL9AgA71FbhvuNBNh4z:W7BlpppARFbhh7BlpppARFbh5

Score
9/10

Targets

    • Renames multiple (4090) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
