General

  • Target

    33b87797901292f6247a6a84a762c44baecb769ca4bee021bc4f36ade93a5bfb_NeikiAnalytics.exe

  • Size

    59KB

  • Sample

    240701-ekhfvsyfnl

  • MD5

    b4c7c8d7ccb5c2d5e7e3cd8029512c50

  • SHA1

    1f28a3522e9013da6b1fb040ea6f0b362b7056d2

  • SHA256

    33b87797901292f6247a6a84a762c44baecb769ca4bee021bc4f36ade93a5bfb

  • SHA512

    4a2ebcb544baf67313bfe8d814c4bc1082f4200d39113c7dae3f9d28c2d5da97eb983f4d406b99e0201782545ab438a3692499ae2110981c8c0429b5619d68ab

  • SSDEEP

    768:W7BlpppARFbhFANJKaJKjZP7PKCZapW0/13cYqSC9z/+:W7ZppApoJKaJKjZP7iNpW0/137qSez/+

Score
9/10

Targets

    • Target

      33b87797901292f6247a6a84a762c44baecb769ca4bee021bc4f36ade93a5bfb_NeikiAnalytics.exe

    • Renames multiple (2933) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
