General

  • Target

    57fd1129995ce3447c9de14da394d040_NeikiAnalytics

  • Size

    218KB

  • Sample

    240514-cvz3jsfc8x

  • MD5

    57fd1129995ce3447c9de14da394d040

  • SHA1

    ef5b5aef71cf123143219a3493d80192b2182daf

  • SHA256

    903c077732cacd5e83a86a568e51e22a820a45b6b06eecac21b9bed1af1b845b

  • SHA512

    18cec58fa9bde06cb7c7b6c88d7ea3b36c2c252bda9ba2c014ef1da6153773fcd57269c7683775549eb6427409f8d1833f8e44fcd91bc5f51c6619f013c15971

  • SSDEEP

    6144:hfAIuZAIuDMVtM/XSHfAIuZAIuDMVtM/XSy:ZAIuZAIuOYS/AIuZAIuOYSy

Score
9/10

Targets

    • Target

      57fd1129995ce3447c9de14da394d040_NeikiAnalytics

    • Renames multiple (3224) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
