General

  • Target

    15b64f8e7219ad1330cff1296f377c40_NeikiAnalytics.exe

  • Size

    169KB

  • Sample

    240523-nb2ykseb2s

  • MD5

    15b64f8e7219ad1330cff1296f377c40

  • SHA1

    8998264022a4e1b6cd2353ece224f6166c3b9f01

  • SHA256

    e763aa8bceb8d7b901a622b36f428f8cc150bdec79f3bc2bc1ba68eba34e1e3c

  • SHA512

    7d5cae488beb86cf6737002d39254b0aab83e7582ca379608c4093527dca7ec90d6bca6c12b814fd1cf948c2aed2e7b160010e55b2f6d2de30c9fcd010ed8a29

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBW:PqFF2Ie+eFbqFF2Ie+eFJ

Score
9/10

Targets

    • Target

      15b64f8e7219ad1330cff1296f377c40_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4072) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
