General

  • Target

    101ea288f7d21bcc3415e291481abcf0_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240516-w9gdjaad2w

  • MD5

    101ea288f7d21bcc3415e291481abcf0

  • SHA1

    2002626650a58b86d6d8609f6f12c0a9db46d1f6

  • SHA256

    0d4f9ec458dfb66a1333a6044ca9ff5403065b1d31bf6bae7754f175098f7447

  • SHA512

    39028c526539e92eca59720ed8f6c21ce59b792beb04c11f581971dfcc0df2a1cbe6ba22e3c8bfc5b058b3d2aea7c9465fe3ba5406ef5926ad57dd4094284324

  • SSDEEP

    1536:67Zf/FAxTWY1++PJHJXA/OsIZu7Zf/FAxTWY1++PJHJXA/OsIZN:+nyiznyiQ

Score
9/10

Targets

    • Target

      101ea288f7d21bcc3415e291481abcf0_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (799) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
