18c209644ccc82e7215dd0f96a934f6b2bbcbbcbbfc2b15d4101b9f5cd58fdc5 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

24bf727f5b...KI.exe

windows7-x64

9

24bf727f5b...KI.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

24bf727f5b3a79ec248fd232c9fa3180_NEIKI
Size

182KB
Sample

240507-y7s1naha22
MD5

24bf727f5b3a79ec248fd232c9fa3180
SHA1

8922defbc2cdf900cc6ceb186c876f10719172ba
SHA256

18c209644ccc82e7215dd0f96a934f6b2bbcbbcbbfc2b15d4101b9f5cd58fdc5
SHA512

1c1ce1bbbdde4f012fe6ce7c9907e05c897cb4fbb119c11e024ef30d8ddb0b4fb1c462bedc91f7ab609be6e9e44bb7a0df81094a7e3496400ef6f99e84b0099e
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eqB8e7WpMaxeb0CYJ97lEYNR73e+eqB9:RqKvb0CYJ973e+eqBHqKvb0CYJ973e+N

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

24bf727f5b3a79ec248fd232c9fa3180_NEIKI.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

24bf727f5b3a79ec248fd232c9fa3180_NEIKI.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  24bf727f5b3a79ec248fd232c9fa3180_NEIKI
- Size
  
  182KB
- MD5
  
  24bf727f5b3a79ec248fd232c9fa3180
- SHA1
  
  8922defbc2cdf900cc6ceb186c876f10719172ba
- SHA256
  
  18c209644ccc82e7215dd0f96a934f6b2bbcbbcbbfc2b15d4101b9f5cd58fdc5
- SHA512
  
  1c1ce1bbbdde4f012fe6ce7c9907e05c897cb4fbb119c11e024ef30d8ddb0b4fb1c462bedc91f7ab609be6e9e44bb7a0df81094a7e3496400ef6f99e84b0099e
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eqB8e7WpMaxeb0CYJ97lEYNR73e+eqB9:RqKvb0CYJ973e+eqBHqKvb0CYJ973e+N
Score

9^/10

ransomware
- Renames multiple (4018) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy