General

  • Target

    ac7c6baac4ce91f8f044f22dae7279e0_NeikiAnalytics

  • Size

    244KB

  • Sample

    240515-j6qftagg2v

  • MD5

    ac7c6baac4ce91f8f044f22dae7279e0

  • SHA1

    7cc702045bbd56fbbabf01928fc86f693a9810bc

  • SHA256

    09ee240860f09f6c000dc7b725a538d13bc592b137554de3a975ac1ea2f9f762

  • SHA512

    aa7fa4779e94ff117c55ee1f0e43ecbd93e20b2694ed35c850229ce18c7675d332c3f1ac222f964f4a9a99cd4fe39e8d66f9a90d10925239d9df7a7073c3966d

  • SSDEEP

    6144:JmCAIuZAIuDMVtM/OmCAIuZAIuDMVtM/c:7AIuZAIuORAIuZAIuO3

Score
9/10

Targets

    • Target

      ac7c6baac4ce91f8f044f22dae7279e0_NeikiAnalytics

    Score
    9/10
    • Renames multiple (3590) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
