General

  • Target

    52ab7e42c98cd76d89ccaa5d72d39800_NeikiAnalytics.exe

  • Size

    74KB

  • Sample

    240524-147qrach9v

  • MD5

    52ab7e42c98cd76d89ccaa5d72d39800

  • SHA1

    812394f81bc7df4501628646f070c2bac528ec62

  • SHA256

    b89a5fb294486552c0714a6b3047ccbff143c2bdd1903b449e21951732303173

  • SHA512

    9156efe904c0268092b36ecd1196c14bde0d9818c438f7f39e11bd26777b68fb564bab46692cdd240716a93e6223e9f0810642067efad1815639b7b8b8781401

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8xJJMJJQ:fnyiQSoe

Score
9/10

Targets

    • Target

      52ab7e42c98cd76d89ccaa5d72d39800_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (3550) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
