General

  • Target

    7afb38b0a451294d261962ff7c9d6c20_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240523-c86r9abc83

  • MD5

    7afb38b0a451294d261962ff7c9d6c20

  • SHA1

    78123a9dc291179fcec86a9dc47759d1e10c4387

  • SHA256

    00c9ecc09ecf1a4266588e03b08870162077fab2367205815420f9ba0597a834

  • SHA512

    4cf23065288020698ba77dd1680b4410c244c7ba46e08153638774d0dd308f8f0adf6381287d964737d1fa8982f12406eb8001a20f285ad93a15c05b1ce6bce5

  • SSDEEP

    1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKZJHJ/vd7Z9pApQESOHepOHe8G+6Eb:69WpQE0zQ9WpQE0znU7

Score
9/10

Targets

    • Target

      7afb38b0a451294d261962ff7c9d6c20_NeikiAnalytics.exe

    • Renames multiple (917) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
