General

  • Target

    7285ae4186a6ce60185d062850456a70_NeikiAnalytics.exe

  • Size

    156KB

  • Sample

    240525-c3kb3abg77

  • MD5

    7285ae4186a6ce60185d062850456a70

  • SHA1

    0f3aa8b765062999fa18dfbb5e0575041c49ecf0

  • SHA256

    7a88a126b48912aa9213976d17aa4166122507cd45c95a3dfee46f99810dd1ee

  • SHA512

    5544fdf0c6fcdd32d22dffa7e338ca1c696ba0fed36f768c81ff28144e353888d249f5b572b171018bc9e5a0fea86a3e6b8aa72744734f5b8aaa952b4cf913df

  • SSDEEP

    384:GBt7Br5xjL9AgA71FbhvoBlLL4Bt7Br5xjL9AgA71FbhvoBlLLcKD:W7BlpppARFbhB7BlpppARFbhC

Score
9/10

Targets

    • Target

      7285ae4186a6ce60185d062850456a70_NeikiAnalytics.exe

    • Renames multiple (4193) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
