3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93 | Triage

Resubmissions

29/06/2024, 00:44

240629-a3tjmazdkk 9

29/06/2024, 00:40

240629-a1qpyszcmq 9

Sharing

General

Target

3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe
Size

144KB
Sample

240629-a3tjmazdkk
MD5

2cfe920cd8c5eecd65559d6cc89b8800
SHA1

d974c37b1058e2a5692704404085b2c955ba6326
SHA256

3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93
SHA512

925d370579234bbf7066e04fc12be3eeb917b08b6609a4d20048b92241647a59837c0757b3815494119543083ac4e6fc0b3dc59158d9723207b3c68e4e8b0612
SSDEEP

1536:W7ZNLpApCZuvIYYoYoN7n97nYosbos67ZNLpApCZuvIYYoYoN7n97nYosbos3:6NLWpCZLYpZiX+NLWpCZLYpZiX3

Score

9^/10

ransomware

Malware Config

Targets

- Target
  
  3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe
- Size
  
  144KB
- MD5
  
  2cfe920cd8c5eecd65559d6cc89b8800
- SHA1
  
  d974c37b1058e2a5692704404085b2c955ba6326
- SHA256
  
  3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93
- SHA512
  
  925d370579234bbf7066e04fc12be3eeb917b08b6609a4d20048b92241647a59837c0757b3815494119543083ac4e6fc0b3dc59158d9723207b3c68e4e8b0612
- SSDEEP
  
  1536:W7ZNLpApCZuvIYYoYoN7n97nYosbos67ZNLpApCZuvIYYoYoN7n97nYosbos3:6NLWpCZLYpZiX+NLWpCZLYpZiX3
Score

9^/10

ransomware
- Renames multiple (5191) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2