General

  • Target

    53fcaef3c86dfb636975b0982e666590_NeikiAnalytics

  • Size

    133KB

  • Sample

    240514-ch4j7sfd79

  • MD5

    53fcaef3c86dfb636975b0982e666590

  • SHA1

    26171a57f94c71d6a1970cb4efb5bce2f8e29dc1

  • SHA256

    1a7b27bbd20cc288d140af5d6f53f15571bfa8940b158c21e2c22b17b52d8d22

  • SHA512

    9dc05170437f6bebefe72858ca32c7c6adb1672aadefa5099abecb3a6e9ec22a4fea2896460b019140e1ba15d119492701cd9da7c351279e49b7a94eb194ac16

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBv:PqFF2Ie+eqqFF2Ie+ej

Score
9/10

Targets

    • Target

      53fcaef3c86dfb636975b0982e666590_NeikiAnalytics

    • Size

      133KB

    Score
    9/10
    • Renames multiple (4042) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
