General

  • Target

    3361be5e8ba798ece9f7f5aafc87ece1f80072b0a4f0f795762ddcdb256ce52d_NeikiAnalytics.exe

  • Size

    151KB

  • Sample

    240701-efc1ksvhle

  • MD5

    3880cfffb8f1341368d58e3e49fa3f00

  • SHA1

    e5e05e792c7b58ac7c480818f2685e6f8f5ae2ec

  • SHA256

    3361be5e8ba798ece9f7f5aafc87ece1f80072b0a4f0f795762ddcdb256ce52d

  • SHA512

    5957e6608d9b015ef33e41c2fd454f577d60db14bf205d8d1bdeb083adbdc7dd26ed591e0a0e2f30eef74a2834bb2f410929d48023922ad4c638073b0038b39c

  • SSDEEP

    1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8Q8/8fCtyldA7ZyqaFAxTWH1++PJHJX8:enaypQSoskgnaypQSosk2

Score
9/10

Targets

    • Renames multiple (129) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
