General

  • Target

    39f4351ab4431119809668e718002d10_NeikiAnalytics.exe

  • Size

    167KB

  • Sample

    240522-zsaq7sge36

  • MD5

    39f4351ab4431119809668e718002d10

  • SHA1

    8aad79befa3f951344a64b6b01285fa970309790

  • SHA256

    7e2b62e76c52e9f8f1b3f5c7616a529e04b0ed51e0b68527a4eb465c8a91de8b

  • SHA512

    01dbf631bd64e54a12da3aae97b003d7c610787577ea8af6fe935b0955b8b2c89c067c5e6a0ffb38cbf638b4b9d8c7f7cf8489cd18202d57b85c4d235535df65

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXa8e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXv:RqKvb0CYJ973e+eKZ0VcqKvb0CYJ973C

Score
9/10

Targets

    • Target

      39f4351ab4431119809668e718002d10_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (3700) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
