General

  • Target

    65a2f438e5a7656c75c2e7fed6ebfc60_NEIKI

  • Size

    172KB

  • Sample

    240507-3fyjaagg75

  • MD5

    65a2f438e5a7656c75c2e7fed6ebfc60

  • SHA1

    89dbf410dfa331436b8392f6b2f42257df6ddd0f

  • SHA256

    a06c6721f446614fcb482932f6c12f649af882d526c0350607fa663eb2cc3778

  • SHA512

    4b22ced6dea39ca9edf50866a2b271c862e6c099d386604f727de879dcfdef1f40a6d2a884fc0e87c419c8505be44f74a9029928399d6b362bf84fdb6dc0ab1b

  • SSDEEP

    3072:fnymCAIuZAIuYSMjoqtMHfhfBnjFAW+FmD:KmCAIuZAIuDMVtM//nqoD

Score
9/10

Targets

    • Renames multiple (3246) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
