General

  • Target

    217860672e428994fef9dcc7de76b360_NeikiAnalytics

  • Size

    232KB

  • Sample

    240515-ybtmbagg25

  • MD5

    217860672e428994fef9dcc7de76b360

  • SHA1

    7aa54d853786434745e21802deedbb11ec4ada56

  • SHA256

    ff5ce14a947a6ab1b0922432943d9075273facecb88a241d553810a5222cde57

  • SHA512

    47ddc2f9a7a5f9e2e9b81f6c0352c18ccd4828f1628d1fb08856549cbad6291a6f7f85d1bdd84601410417a76607df07ad9b53539d9fc9d1ffa4a18df75e463e

  • SSDEEP

    768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c5R7BlpQpARFbh27:/7ZQpApUsKiX26j7ZQpApUsKiX26o

Score
9/10

Targets

    • Renames multiple (3175) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
