108d41fe637b9091f0a2ecaeeb20797fe48e7544ffd372e41e70be2247bb0186 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

491c9417ff...cs.exe

windows7-x64

9

491c9417ff...cs.exe

windows10-2004-x64

9

Sharing

General

Target

491c9417ff1761db81444849ee8192c0_NeikiAnalytics.exe
Size

160KB
Sample

240522-14epzaag4y
MD5

491c9417ff1761db81444849ee8192c0
SHA1

2ff9cc86919174278d8306211509b76c130ac203
SHA256

108d41fe637b9091f0a2ecaeeb20797fe48e7544ffd372e41e70be2247bb0186
SHA512

7b55fe3672272b42e0542917ae3ed3cfec8e720dc5bcabe6fe0eb036df6e21b404e824eaf1f265e5e0f92037bcd134cf4b5cc21322c7cbb98675bf9f3f2ac64b
SSDEEP

3072:6DWpwE7oL2e+efZwZxDWpwE7oL2e+efZwZL:dN/e+efiON/e+efiZ

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

491c9417ff1761db81444849ee8192c0_NeikiAnalytics.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

491c9417ff1761db81444849ee8192c0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  491c9417ff1761db81444849ee8192c0_NeikiAnalytics.exe
- Size
  
  160KB
- MD5
  
  491c9417ff1761db81444849ee8192c0
- SHA1
  
  2ff9cc86919174278d8306211509b76c130ac203
- SHA256
  
  108d41fe637b9091f0a2ecaeeb20797fe48e7544ffd372e41e70be2247bb0186
- SHA512
  
  7b55fe3672272b42e0542917ae3ed3cfec8e720dc5bcabe6fe0eb036df6e21b404e824eaf1f265e5e0f92037bcd134cf4b5cc21322c7cbb98675bf9f3f2ac64b
- SSDEEP
  
  3072:6DWpwE7oL2e+efZwZxDWpwE7oL2e+efZwZL:dN/e+efiON/e+efiZ
Score

9^/10

ransomware
- Renames multiple (3918) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy