General

  • Target

    e813a9ecf402891db4c4f872ac35b750_NeikiAnalytics.exe

  • Size

    242KB

  • Sample

    240517-lvyddscd9w

  • MD5

    e813a9ecf402891db4c4f872ac35b750

  • SHA1

    a569b7e9e0f8771ef7b106e4a0f19cb434b7d9eb

  • SHA256

    3df7fbc42090cc0f16ecfec1d7f4fcb6e16d1a6dcffe5f934fecb90971db8306

  • SHA512

    31221617f230179bb9e9ede3c9fca07970bac358a0939acfbcddbd87487079207c4040c2d8ea5c8ac6e8d95a6b7fcfc4f5d8a7c17955d25bbf540493b057be36

  • SSDEEP

    6144:RqlIyFESWu0SWuGSwxJqlIyFESWu0SWuGSwxA:tyiyF

Score
9/10

Targets

    • Target

      e813a9ecf402891db4c4f872ac35b750_NeikiAnalytics.exe

    • Renames multiple (3646) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
