General

  • Target

    25c294339e0c6d391c84677d0af71120_NeikiAnalytics.exe

  • Size

    159KB

  • Sample

    240524-t54l6acf38

  • MD5

    25c294339e0c6d391c84677d0af71120

  • SHA1

    478d22f8cd06d04180e7523d10a9f5136dfdab01

  • SHA256

    d05c3c13adb9cd79ddea2fee359e696c67aecf1eb30bea96775573913144ba20

  • SHA512

    e853beb49bcda1d87f6c69a038ee92f1098b0492c67eb8d65166e139ad8f737cf69b111783a01001501a185d53521042b6662d88bbb1b80bbbef0f594a4437e6

  • SSDEEP

    1536:W7ZDpApYbWj2WTWJe+e/qXO7ZDpApYbWj2WTWJe+e/qXzxP:6DWpaWTWJe+exDWpaWTWJe+e2

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (843) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
