General

  • Target

    a5a808114b98f53f2fc496910ae8a3d0_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240523-g1vr8sga93

  • MD5

    a5a808114b98f53f2fc496910ae8a3d0

  • SHA1

    380d2935f46951b7d786160db1fd35f225d007d9

  • SHA256

    9ddde12ab8732fd119c8e5d114146fe53595fb7417b317a744037bc51b161085

  • SHA512

    f2c2be4eb9d0fb0b21071a01d1b83d21395f8f943ab61000d223d5efd0a12c12e824684862c2b611237509c187618b5bc425935578938827ca642c837071e6ca

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBh:PqFF2Ie+eFwqFF2Ie+eF/

Score
9/10

Malware Config

Targets

    • Renames multiple (3796) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
