General

  • Target

    08771168218f5c9752918aec2a7b55e0_NeikiAnalytics.exe

  • Size

    160KB

  • Sample

    240525-fe17fsfa78

  • MD5

    08771168218f5c9752918aec2a7b55e0

  • SHA1

    a2f17942cdcdfd386798f0cd73d05b8441b7aafa

  • SHA256

    ee6afd97996a1af0c81823190c16af24a9dd660374c337daa9b11c5500fea42c

  • SHA512

    70c46fcd22c60ccf711fd829df1ccb82df9d7156d0919602c319e2fdd17b8d3e495d3a6ac8a0f72de607897102abeb710818de48fda3d68968e5828cf841db52

  • SSDEEP

    1536:67Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8asUsa7Zf/FAxTWY1++PJHJXA/OsIZfzK:+nyiQSohsUsenyiQSohsUsF

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4594) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
