General

  • Target

    d4ad6b9468e2a5ee899121981463f2c0_NeikiAnalytics

  • Size

    222KB

  • Sample

    240515-qz4hescb96

  • MD5

    d4ad6b9468e2a5ee899121981463f2c0

  • SHA1

    4f5ea6b728c9a10131221d10f55da4d390b64451

  • SHA256

    20647ab6a3ec7afc383df40ab0031390d191b108d32990bc3b37e89b565aa99a

  • SHA512

    26e315e1e39a85180b5b810e3093389f5e2dce71ba5fbe7f93ef4f5000db393de31189e5211b8878fa10eaf4f09cb65b3741b39f3704337c23a4672aea44f6bd

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhflixiccfWVP2ZQfq6Tl7j66sfmTk3WdK11:hfAIuZAIuDMVtM/PWVWQVm6S3WY1

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4914) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
