General

  • Target

    d8da7b315c66331a74961a98125bfc70_NeikiAnalytics.exe

  • Size

    167KB

  • Sample

    240525-g2x9rahb4y

  • MD5

    d8da7b315c66331a74961a98125bfc70

  • SHA1

    41786caf3c2c5245a0000122ea6b366bda5b97f0

  • SHA256

    f118f40c7b94d35fca1189a861194daa68a9ff2e9b8778e07b8278adee42f5f1

  • SHA512

    698db5d87604a65727fa168ba8d511870f389d29b2647367252812b737782c636555c089424c2d228be20530163a85a8b223e8eb2308db86514d2a1e9fa4061b

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB1:PqFF2Ie+e11qFF2Ie+e1U

Score
9/10

Targets

    • Target

      d8da7b315c66331a74961a98125bfc70_NeikiAnalytics.exe

    • Renames multiple (3688) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
