80c78e419233d7c144f2f1d26e379069e67ee7376118bc58b0735f7f9b0900f3 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

4373a8d7de...cs.exe

windows7-x64

9

4373a8d7de...cs.exe

windows10-2004-x64

9

Sharing

General

Target

4373a8d7deb7a798942235de38e0b710_NeikiAnalytics
Size

268KB
Sample

240515-14t5naef4t
MD5

4373a8d7deb7a798942235de38e0b710
SHA1

83f7d28b68e58a71b8d7eaa6400d3f32702cce3d
SHA256

80c78e419233d7c144f2f1d26e379069e67ee7376118bc58b0735f7f9b0900f3
SHA512

50c541c8c5a4880bb64f7e6aefc73078ff7de42b096f2cdadfd58c44763df8fd3c5db8db79a7917e57b9c7c64ba3d0270e91b0a004fe518cbf747391d531725e
SSDEEP

768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c5cfYfn7BlpQpART:/7ZQpApUsKiX26X7ZQpApUsKiX26QE1

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4373a8d7deb7a798942235de38e0b710_NeikiAnalytics.exe

Resource

win7-20240508-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4373a8d7deb7a798942235de38e0b710_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  4373a8d7deb7a798942235de38e0b710_NeikiAnalytics
- Size
  
  268KB
- MD5
  
  4373a8d7deb7a798942235de38e0b710
- SHA1
  
  83f7d28b68e58a71b8d7eaa6400d3f32702cce3d
- SHA256
  
  80c78e419233d7c144f2f1d26e379069e67ee7376118bc58b0735f7f9b0900f3
- SHA512
  
  50c541c8c5a4880bb64f7e6aefc73078ff7de42b096f2cdadfd58c44763df8fd3c5db8db79a7917e57b9c7c64ba3d0270e91b0a004fe518cbf747391d531725e
- SSDEEP
  
  768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c5cfYfn7BlpQpART:/7ZQpApUsKiX26X7ZQpApUsKiX26QE1
Score

9^/10

ransomware
- Renames multiple (3512) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy