7acb12e93fd4b4415f98153d40f1a0c904fad57fdc5c09627aeda6a03b63af94 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

a6047aa8c7...cs.exe

windows7-x64

9

a6047aa8c7...cs.exe

windows10-2004-x64

9

Sharing

General

Target

a6047aa8c76a048396a45f6f8bf93770_NeikiAnalytics.exe
Size

122KB
Sample

240524-ey62dada57
MD5

a6047aa8c76a048396a45f6f8bf93770
SHA1

e9719c9e73eeaa2027b3e59feac40f378d6faa19
SHA256

7acb12e93fd4b4415f98153d40f1a0c904fad57fdc5c09627aeda6a03b63af94
SHA512

04f6ecc1ddf842848f56091afd290b183affadf6ea6bbd7fb1a9691dfa85de112da435233968416cfaf9ff8d4fdbc9eea488c1c11d4606b0a49119d54c451ca3
SSDEEP

1536:67Zf/FAlsM1++PJHJXFAIuZAIuekc9zBfA1OjBWgOI3uicwa+shcBEN2iqxtdSCf:+nymCAIuZAIuYSMjoqtMHfhf6

Score

9^/10

ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a6047aa8c76a048396a45f6f8bf93770_NeikiAnalytics.exe

Resource

win7-20240220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6047aa8c76a048396a45f6f8bf93770_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  a6047aa8c76a048396a45f6f8bf93770_NeikiAnalytics.exe
- Size
  
  122KB
- MD5
  
  a6047aa8c76a048396a45f6f8bf93770
- SHA1
  
  e9719c9e73eeaa2027b3e59feac40f378d6faa19
- SHA256
  
  7acb12e93fd4b4415f98153d40f1a0c904fad57fdc5c09627aeda6a03b63af94
- SHA512
  
  04f6ecc1ddf842848f56091afd290b183affadf6ea6bbd7fb1a9691dfa85de112da435233968416cfaf9ff8d4fdbc9eea488c1c11d4606b0a49119d54c451ca3
- SSDEEP
  
  1536:67Zf/FAlsM1++PJHJXFAIuZAIuekc9zBfA1OjBWgOI3uicwa+shcBEN2iqxtdSCf:+nymCAIuZAIuYSMjoqtMHfhf6
Score

9^/10

ransomware upx
- Renames multiple (3426) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy