General

  • Target

    3cba42460bf7139111ad9b53fdc119e0_NeikiAnalytics

  • Size

    150KB

  • Sample

    240514-2vpz1sce3v

  • MD5

    3cba42460bf7139111ad9b53fdc119e0

  • SHA1

    31dd9dcf7df93d490f8397c47973ac39e4bc87d4

  • SHA256

    49c0d708c92441c53d6e9b412b57b1597132c65635198964dc67e4661d20606c

  • SHA512

    ff24d069094065ff447a5632f9e960a84317155e4c1d4b8b6c221084b8ad311f556f9624abac1aaf264553065aade0a8daaf9c5a40ca2301132bc94c1c38ba6c

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBJ:PqFF2Ie+e1eqFF2Ie+e1x

Score
9/10

Targets

    • Target

      3cba42460bf7139111ad9b53fdc119e0_NeikiAnalytics

    • Renames multiple (3692) files with added filename extension

      This suggests ransomware activity, which encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
