General

  • Target

    865121cc4ac9155b2a882288b363b0c0_NeikiAnalytics

  • Size

    128KB

  • Sample

    240511-fylwwaaa75

  • MD5

    865121cc4ac9155b2a882288b363b0c0

  • SHA1

    12b440535086301c3c96d4b8f858b985b9d10ebe

  • SHA256

    ddc8d5d22b35da45431847e3a84aad0a361565ef059dfd00789b787afc3fe88d

  • SHA512

    9f64961ae6aba064814463c5c67a332ff902993d7e542741173ebd65933c15ad78059fb772094dbf4809d9162e41df7d24604d2c876a7f62685ba862120138fb

  • SSDEEP

    1536:W7ZDpApYbWjIlE77ufL6YRYvBl7ZDpApYbWjIlE77ufL6YRYvBbK/:6DWpwE7oL6uODWpwE7oL6uv

Score
9/10

Targets

    • Renames multiple (4072) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
