General

  • Target

    3647466f1f5ece3c32f6446dbb244f70b09dd594ab1d85802eee388fb1b8d642_NeikiAnalytics.exe

  • Size

    95KB

  • Sample

    240701-fdlelszekq

  • MD5

    bd0403b396ff2b5a66b83fcf09c45840

  • SHA1

    0fa980fb6f2a231326c010fadf9b73ed401ba63b

  • SHA256

    3647466f1f5ece3c32f6446dbb244f70b09dd594ab1d85802eee388fb1b8d642

  • SHA512

    fac12136e4771b5900f6a0eed2623e190d1d42c491b3f21bb45a092b28b4ac11831db53344745e03fae5424a534fff18474634801a24f8d86dd4a3ed48024f1b

  • SSDEEP

    768:W7BlpppARFbhWJq5nosMos+7BlpppARFbhWJq5nosMosu:W7ZppApF5noZoP7ZppApF5noZoB

Score
9/10

Targets

    • Target

      3647466f1f5ece3c32f6446dbb244f70b09dd594ab1d85802eee388fb1b8d642_NeikiAnalytics.exe

    • Renames multiple (4939) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
