General

  • Target

    73a9681082d3714d91cc0acc56c99df0_NeikiAnalytics

  • Size

    190KB

  • Sample

    240510-fgefgafd24

  • MD5

    73a9681082d3714d91cc0acc56c99df0

  • SHA1

    5cccdc3f8da3443f538c17b582e9323f93774446

  • SHA256

    426f98d085a3f567f41a614a4d359bb522ab13e85d4396520e0086b41ce51c78

  • SHA512

    f7a277fac8412cddab757a1bdfa68d82a5630893f4c1d4fdc89473cca89b902afa4250aea41ff76da596fddc65c8237723df951f331fca059ae48490141716de

  • SSDEEP

    3072:6e7WpnhkElEa0NQn0NQie+e3e7WpnhkElEa0NQn0NQie+eK:RqthOe+euqthOe+eK

Score
9/10

Targets

    • Target

      73a9681082d3714d91cc0acc56c99df0_NeikiAnalytics

    • Renames multiple (4519) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
