Overview

overview

10

Static

static

3

071fe5a383...cs.dll

windows7-x64

10

071fe5a383...cs.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    071fe5a38335e876bb295ab2f007eb50_NeikiAnalytics.exe

  • Size

    5.0MB

  • Sample

    240516-wkyxaagf9s

  • MD5

    071fe5a38335e876bb295ab2f007eb50

  • SHA1

    a3f943f4506d2447cc9cd7d8d88f101e76a922f8

  • SHA256

    fd5ab701cb78cfde475a5265ccc2019eb6cf107e9728934bf546ded031f3facd

  • SHA512

    1ff969e135aa19bd8e5a6e3f428cc9ef5e029f9d3eff306db2db8b410fe7f74176812f19426cc67f3c4c50aeaddaad8aade52bdc5e0375a7ae8b8f93ebaf11b0

  • SSDEEP

    49152:pnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:9DqPoBhz1aRxcSUDk36SA

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      071fe5a38335e876bb295ab2f007eb50_NeikiAnalytics.exe

    • Size

      5.0MB

    • MD5

      071fe5a38335e876bb295ab2f007eb50

    • SHA1

      a3f943f4506d2447cc9cd7d8d88f101e76a922f8

    • SHA256

      fd5ab701cb78cfde475a5265ccc2019eb6cf107e9728934bf546ded031f3facd

    • SHA512

      1ff969e135aa19bd8e5a6e3f428cc9ef5e029f9d3eff306db2db8b410fe7f74176812f19426cc67f3c4c50aeaddaad8aade52bdc5e0375a7ae8b8f93ebaf11b0

    • SSDEEP

      49152:pnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:9DqPoBhz1aRxcSUDk36SA

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3134) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks