General

  • Target

    373208f84b7c9e5f7f2544bd4a23882f554a3ffa0f62a45f3eafdc1d40bbeef6_NeikiAnalytics.exe

  • Size

    199KB

  • Sample

    240701-fnkwtsxamg

  • MD5

    4d3c9a8350151136353c3efdefc4dc10

  • SHA1

    516e917bae37948b08e28a71fca35521dc54b097

  • SHA256

    373208f84b7c9e5f7f2544bd4a23882f554a3ffa0f62a45f3eafdc1d40bbeef6

  • SHA512

    03e665d9f25965e2c0d76d8cfea32358a1c1ee21f699e8b27722f4007f60a569ab8f5aad3b5a8b2c894702bf5aef67becf2080c2bfeef5a9c0a52ec2d03a0163

  • SSDEEP

    3072:9QWpze+eO888888888888888888888888888888888888888888888888888888f:Lpe+ekeq13pe+ekeq1n

Score
9/10

Targets

    • Renames multiple (193) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
