General

  • Target

    a4b8993383b9368c12d71631b9238930_NeikiAnalytics

  • Size

    259KB

  • Sample

    240511-jxxtjaab95

  • MD5

    a4b8993383b9368c12d71631b9238930

  • SHA1

    eb7f670c779bb423b9ab10d3dafae345655ca331

  • SHA256

    fbe4e4bc131027071ef41f71d16bb18532f3982ca573dc481fe47cb5c9e36492

  • SHA512

    3015783a7d2d8835875ffc186f2e56bacc41ad434685cdffa8d90632a0bc51b8224f2e567f6972487fa541293c1379096e21f6d5544957979b0ba5bacb9d4cfe

  • SSDEEP

    1536:/7ZQpApUsKiXBvzwvzXJvlwJvlL7ZQpApUsKiXBvzwvzXJvlwJvls2y2A:9QWpngTJdwJdpQWpngTJdwJdy

Score
9/10

Targets

    • Renames multiple (3364) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
