General

  • Target

    cf1d604f10b53ec3dc9579566f858da0_NeikiAnalytics.exe

  • Size

    199KB

  • Sample

    240522-y6gagafb7z

  • MD5

    cf1d604f10b53ec3dc9579566f858da0

  • SHA1

    c704424dd5c7fde15621f445fd096c5ae5ad7644

  • SHA256

    f4811bf8b8f3d31cbb7d53b408248ef904ae7445ff14f3ea622285e98d26d622

  • SHA512

    13d9eb894aa597aa014c946e0ee5cc7de1ff9634e3a6ab636042f07f8cf204cb9835d81f8efbe55838eedc0447dbe24a63be8076cd053298e6b2a26d49306469

  • SSDEEP

    3072:fnyiQSolxjO5HSSLq9zobS2NRhn88P6u3hQulwq:KiQSom5HJLq9h2Nv8JuReq

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3195) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
