General

  • Target

    2c133153a52d1ca2ffe5cb133b7bd7d0_NeikiAnalytics

  • Size

    196KB

  • Sample

    240514-1dfvcaaa59

  • MD5

    2c133153a52d1ca2ffe5cb133b7bd7d0

  • SHA1

    367aba4e2af0b42bc12b624ca148bd55a632846c

  • SHA256

    0d6fcc741ced6ab1a0eed7fc3f5b07152ee90325feebb620529529f84ab93bcc

  • SHA512

    e6785060e753ef43976acbcece6b515df5e233b6a19fa9fcab99329dd0e62558eefccbea2972e5ed5439597efa69d61d15516b9518c8ebe25a620b3ab527cf70

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhf7fAIuZAIuYSMjoqtMHfhfX:hfAIuZAIuDMVtM/tfAIuZAIuDMVtM/p

Score
9/10

Targets

    • Renames multiple (4155) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
