General

  • Target

    39ebf920b6649ab6822a74b3b6b9a531b819aea8d7b7179ff6efc49ca1f4c7e2_NeikiAnalytics.exe

  • Size

    114KB

  • Sample

    240701-gjdsdsxfpa

  • MD5

    9fd2cde2647f2219276bfa855f0ea7f0

  • SHA1

    7155488826119ff145f362c04c1c1b4f8cc29e87

  • SHA256

    39ebf920b6649ab6822a74b3b6b9a531b819aea8d7b7179ff6efc49ca1f4c7e2

  • SHA512

    9cd749f1a6e9efee80a2ab29c681b466a14d3d305a5e89b0703a3414946950b970f3fe903fe93697a408d0981e53aaab46aa7274237c1d1a522207e125dee860

  • SSDEEP

    3072:9QWpze+eJfFpsJOfFpsJ5D1QWpze+eJfFpsJOfFpsJ5DZms:Lpe+ewDDpe+ewDZms

Score
9/10

Targets

    • Renames multiple (4701) files with an added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
