Overview

overview

9

Static

static

3

b11d0b37f3...KI.exe

windows7-x64

9

b11d0b37f3...KI.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b11d0b37f3f0596f2644b4f7c23d0290_NEIKI

  • Size

    98KB

  • Sample

    240508-df1k7shf33

  • MD5

    b11d0b37f3f0596f2644b4f7c23d0290

  • SHA1

    a5b92f034a7ed6174936c17a56b099c60db044fa

  • SHA256

    0e21ac4ced8c17b6ef65cf0eef118f705073a448845eda44e0028ed46e44e597

  • SHA512

    79b69256c58e970c908701ed40085524bcdb05d96deca18939a850d1dd54f71b2c25a33f9b912452c3cf466b31fd7e960ebbbf43182778636d3b8475a322d50e

  • SSDEEP

    3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzY:RqlIyFESWu0SWuGSE

Score
9/10
ransomware

Malware Config

Targets

    • Target

      b11d0b37f3f0596f2644b4f7c23d0290_NEIKI

    • Size

      98KB

    • MD5

      b11d0b37f3f0596f2644b4f7c23d0290

    • SHA1

      a5b92f034a7ed6174936c17a56b099c60db044fa

    • SHA256

      0e21ac4ced8c17b6ef65cf0eef118f705073a448845eda44e0028ed46e44e597

    • SHA512

      79b69256c58e970c908701ed40085524bcdb05d96deca18939a850d1dd54f71b2c25a33f9b912452c3cf466b31fd7e960ebbbf43182778636d3b8475a322d50e

    • SSDEEP

      3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzY:RqlIyFESWu0SWuGSE

    Score
    9/10
    ransomware

    • Renames multiple (3452) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks