General

  • Target

    2af283bc54bb9143bf0198bbb6eb8ac0_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240517-y49t1ahd43

  • MD5

    2af283bc54bb9143bf0198bbb6eb8ac0

  • SHA1

    03d9e75518f77106ab2d6443195a3dfa9ccfd835

  • SHA256

    1feb0bf0164cc3881b2097021b575e165f647fe68ee406c98090df5e934d37a6

  • SHA512

    d506f76b580979e6d7b8292d5abc122bab816690fdb2a0a5f33af584730f61726370d871b77745e793b715702727022ecc12fd891bc01c37a2a0ab6c287f3fa4

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvXe7WpP9oVLQthbYY9oVLQthbUvy8Q:RqAWqAs

Score
9/10

Targets

    • Target

      2af283bc54bb9143bf0198bbb6eb8ac0_NeikiAnalytics.exe

    • Renames multiple (3883) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
