General

  • Target

    870ada68a1c87f78015d3ba26de10050_NeikiAnalytics.exe

  • Size

    149KB

  • Sample

    240523-zq5hssgb74

  • MD5

    870ada68a1c87f78015d3ba26de10050

  • SHA1

    4d73b9d7dd8f58344eba7cf41c5b66941f022f24

  • SHA256

    779ce9fca4ff91410ffb313de8831ceee4918b382e8b07b75e23ea0e2a4bff34

  • SHA512

    b566628811556a437a59e03119e92b3340360bf5fbd397cd2218c3a55e9c8b4d2491a9efb826863195beb4dc598a714e5981280ec05d47f279644bcbcb9b1c4f

  • SSDEEP

    3072:69WpQEJAzEWzVNOx0ypIzIu73mYdE9d3s9XL7EWzVNOx0ypIzIu73mYdE9d3s9Xy:nfA3fAv

Score
9/10

Targets

    • Target

      870ada68a1c87f78015d3ba26de10050_NeikiAnalytics.exe

    • Renames multiple (4661) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
