General

  • Target

    5903c827a48915f379bcc4baccc02b20_NeikiAnalytics.exe

  • Size

    63KB

  • Sample

    240526-dnmpbacg3w

  • MD5

    5903c827a48915f379bcc4baccc02b20

  • SHA1

    27f5b2420398daa03c3be21ce26f9fc0f87ba514

  • SHA256

    8183873208f19db3fca967c34c15e8077765c5e06c2a2363b88d651433b7624d

  • SHA512

    c6f55cc5a10a2690dc7e83f22547b5434992b7e6e14e4c8c65b8149697e5047e97b00a5860cb1dd414f96a28d3689ed4eda17bf23a71f4a24f3c58c17d53d329

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8i:fnyiQSox

Score
9/10

Targets

    • Renames multiple (3452) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
