General

  • Target

    43b53522bd0d7159e81f97a90f317c10_NeikiAnalytics

  • Size

    215KB

  • Sample

    240510-w8kdssee47

  • MD5

    43b53522bd0d7159e81f97a90f317c10

  • SHA1

    91a41d7fbb29f86b598cd285ba7fab061e5f5e7b

  • SHA256

    db9718524d59cf6f2f2bac574810d09b9e1c1ff89597624c2bc61764827748b6

  • SHA512

    c344bc78826d0f76f9695a20abd1b0ec4ad8d7019477c6bc971e1e373f8f362311e093b05c836e85419d34d22955554118832a454f60c35a0cc1833d0d69c0e5

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE2GEJdwJdXgCrWpcOPxPke+e3fFpsJOfFpsJJ:tFPxPke+eI2GRglFPxPke+eI2GRg1Q

Score
9/10

Targets

    • Renames multiple (4031) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
