General

  • Target

    36318fe51fd6d77a813c1555a4e79aa2bea4125ba2a5253606b0fba2ac4fe3bf_NeikiAnalytics.exe

  • Size

    164KB

  • Sample

    240701-fclzrawgpe

  • MD5

    ab9c1b05379e92b300d8aff719825150

  • SHA1

    f9c9fe4218c88660453a080ad69a4f4ec25371a4

  • SHA256

    36318fe51fd6d77a813c1555a4e79aa2bea4125ba2a5253606b0fba2ac4fe3bf

  • SHA512

    8e5b323bbec4b5507098b040a24dbdef650aa5af21d6b40e697bbbb8af930bb7392af7ec71c381bfe89081a48e5be1bab9c01b1fec1116ed7c759e87c1451943

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBh:PqFF2Ie+eFC2oqFF2Ie+eFC27

Score
9/10

Targets

    • Renames multiple (3705) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
