General

  • Target

    02273c429e7574948fa037cf45336a50_NeikiAnalytics.exe

  • Size

    168KB

  • Sample

    240525-nfrcmsfa89

  • MD5

    02273c429e7574948fa037cf45336a50

  • SHA1

    01131f9834783dd75755bbf365ce0186b9e8db4e

  • SHA256

    6dd5abeac39e494476d850b00bb1bc7e31e1b8b2a80cee681c087a6a5af77457

  • SHA512

    e97da7118eecd37713c5231e12b8280f8d94237cf51e0bac44159e995e22717f669fd066314095ab0724bbb83eeb65c6057b9c5772eeca37acfcc1d0297daa3b

  • SSDEEP

    1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKk7Z9pApQESOHepOHe8G+6E65dyGdK:69WpQE0zd9WpQE0z4

Score
9/10

Targets

    • Renames multiple (726) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
