General

  • Target

    e5e5e7125c0ed4071386a5eeb81e0e30_NeikiAnalytics.exe

  • Size

    402KB

  • Sample

    240522-y7vt9afd98

  • MD5

    e5e5e7125c0ed4071386a5eeb81e0e30

  • SHA1

    58280c768ef121f532375e96f90c12d478f28777

  • SHA256

    823a08d92b83a3e4d10f3c777c0072d5e239aecb7561af8d226316e176fe75c5

  • SHA512

    f756622070aa39eaf20c4152a26466907fbf94202ee027847e0d94d4f982d474f547cb6c282ceef74dab75a1e86aa93c4f70b568787c6aaaad897807135151b4

  • SSDEEP

    6144:RqKvb0CYJ973e+eKZ65lqo52kDzMYDJSi7+Ni2ER9Vh98+1PrEVhkQf0huIDaLOD:vvbxYX7Z6MqzBDJkk2ERvT8MPAf/O60

Score
9/10

Targets

    • Target

      e5e5e7125c0ed4071386a5eeb81e0e30_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (511) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
