General

  • Target

    8dfef4c239b766c8846e3d93befc2fb0_NeikiAnalytics.exe

  • Size

    159KB

  • Sample

    240524-yyyvjshe7s

  • MD5

    8dfef4c239b766c8846e3d93befc2fb0

  • SHA1

    03d3e6ae26cd1c5381afbce7cb7b892658695130

  • SHA256

    1c4220e480ef330830e61f2d7b0d917e938abd7da089fc03239757135d6f34f6

  • SHA512

    376a9f9dfe2871c1fc2184cdf2673c83d76b0d24d484175b64815c552f2e1b87431b1cafb1c7a32b6f1a9ab0ce1b49856ff1d13e2fb5b21321df42377cdc70ad

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0e7WpMaxeb0CYJ97lEYNR73e+eKZD:RqKvb0CYJ973e+eKZ/qKvb0CYJ973e+5

Score
9/10

Targets

    • Target

      8dfef4c239b766c8846e3d93befc2fb0_NeikiAnalytics.exe

    • Size

      159KB

    Score
    9/10
    • Renames multiple (4668) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
