General

  • Target

    cc35842bae4c1e0fd3ce26ab98643570_NeikiAnalytics

  • Size

    203KB

  • Sample

    240516-kpb3jace9x

  • MD5

    cc35842bae4c1e0fd3ce26ab98643570

  • SHA1

    51845e82531bc1425ca8d71922d6151769771613

  • SHA256

    8201b3985e65f5d94ddc11e327c305fb3bbb4d0ffc9a7b945d9b1ff820a786ce

  • SHA512

    d74ba01113d0ddf101b47104b98aa9cdbf4f3840b13f9be45094ccd7fc6f28370a0f57767c50c4955e934f8fe6c2264afb08886321563985b84b98db9b94a204

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhfSfAIuZAIuYSMjoqtMHfhfeWj:hfAIuZAIuDMVtM/IfAIuZAIuDMVtM/z

Score
9/10

Malware Config

Targets

    • Target

      cc35842bae4c1e0fd3ce26ab98643570_NeikiAnalytics

    • Renames multiple (3486) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
