General

  • Target

    6454ccf70699e2e8a0a2c7e9445c5e10_NeikiAnalytics.exe

  • Size

    87KB

  • Sample

    240523-a2fw5sfc73

  • MD5

    6454ccf70699e2e8a0a2c7e9445c5e10

  • SHA1

    d717d64a70ec81fa8384d769cf475871994ea0ae

  • SHA256

    e49d5f49b23cc508d4b34c1fba2cf6cf734a57f2b429a8cc32f40292a530b4e5

  • SHA512

    f9a40352759c3752078369c323733cfafba89aac8e28b3337bb24aab9f31c0ca32dbddcf14edec3fb2b0cd94f53ec27011759c1c9a390f29edee611915dbe1e5

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUseTWn1++PJHJXA/OsIZfzc3/Q8asUsaYb:KQSohsUs+QSohsUsaYb

Score
9/10

Targets

    • Renames multiple (4867) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
