General

  • Target

    3a66c7a82ba313012265ad4a11711dfe7463acb4250c4ade0b6b5562703e0ce4_NeikiAnalytics.exe

  • Size

    170KB

  • Sample

    240620-gcjeaswepn

  • MD5

    ae605e388241d88ea98d0f16ea02e660

  • SHA1

    07233544691cf82b2c652b97c026326690d9180f

  • SHA256

    3a66c7a82ba313012265ad4a11711dfe7463acb4250c4ade0b6b5562703e0ce4

  • SHA512

    b22501bda8a7bb2ecf75826598c35ff3e48f5ada9b270ef1d574e4ee0d9a1a08e473eff882489faf4467b1c919cabcade39cf43576ad4b973e78250033792eec

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB7:PqFF2Ie+eFpqFF2Ie+eFG

Score
9/10

Targets

    • Renames multiple (3637) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
