Overview

overview

9

Static

static

7

37d3cd361c...cs.exe

windows7-x64

7

37d3cd361c...cs.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    37d3cd361c9397cba3683b15d9e9cfd86ffbcc98163e27a284c5378a30d8153c_NeikiAnalytics.exe

  • Size

    200KB

  • Sample

    240701-ft619azhpp

  • MD5

    1ba410a4d501e51c47f5800c8972a490

  • SHA1

    ce38962b8467d7a26bae03256e1cda19aac6aacd

  • SHA256

    37d3cd361c9397cba3683b15d9e9cfd86ffbcc98163e27a284c5378a30d8153c

  • SHA512

    9518e1ca24d8ba036a4ff7f1ebc64a1335736d6fef1f6e263e09d67d60f04307a7a77e2f99f32324fcae6de9cda98363f362d716b63945ca9fb86b4c084492b7

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxtjm8sg7Zf/FAxTWY1++PJHJXA/OsIH:fnyiQSoojmHgnyiQSoojmHhHV

Score
9/10
ransomwareupx

Malware Config

Targets

    • Target

      37d3cd361c9397cba3683b15d9e9cfd86ffbcc98163e27a284c5378a30d8153c_NeikiAnalytics.exe

    • Size

      200KB

    • MD5

      1ba410a4d501e51c47f5800c8972a490

    • SHA1

      ce38962b8467d7a26bae03256e1cda19aac6aacd

    • SHA256

      37d3cd361c9397cba3683b15d9e9cfd86ffbcc98163e27a284c5378a30d8153c

    • SHA512

      9518e1ca24d8ba036a4ff7f1ebc64a1335736d6fef1f6e263e09d67d60f04307a7a77e2f99f32324fcae6de9cda98363f362d716b63945ca9fb86b4c084492b7

    • SSDEEP

      1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxtjm8sg7Zf/FAxTWY1++PJHJXA/OsIH:fnyiQSoojmHgnyiQSoojmHhHV

    Score
    9/10
    upxransomware

    • Renames multiple (4721) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks