General

  • Target

    fac1d6c8a406f2fa03194dbe54bfc920_NeikiAnalytics.exe

  • Size

    198KB

  • Sample

    240523-hpn1zsgg9z

  • MD5

    fac1d6c8a406f2fa03194dbe54bfc920

  • SHA1

    f3259f09735424d2256c42f783d6f162f8867f66

  • SHA256

    194991a3305e13f356444f88e74844a3d4da65b9419f8a105ead62697355b82f

  • SHA512

    60c6cab29209a91d8cb7ff6c90acdef4de4ba5fcd6f9b71249817d3e518c181734cb27d98b97aaff6096bcc70b46551f9c8030fc7b4691d41bb079986ddb2b58

  • SSDEEP

    3072:6e7WpoYvHYvIe7Wpxe7WpoYvHYvIe7Wp8:RqySHSrqqqySHSrqG

Score
9/10

Targets

    • Target

      fac1d6c8a406f2fa03194dbe54bfc920_NeikiAnalytics.exe

    • Renames multiple (3663) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
