General

  • Target

    1c05c73958db2b96d175b57e6b28b2a0_NeikiAnalytics.exe

  • Size

    87KB

  • Sample

    240527-dqw1rsfc22

  • MD5

    1c05c73958db2b96d175b57e6b28b2a0

  • SHA1

    5d783e4917930416a824fd41a9b8c58abcdff8b0

  • SHA256

    0aad3cd2b24276ed16ed9b856cc4f730e9fe5474d4326961a5a2fcb4286b4f4e

  • SHA512

    c8009fa52cf75ee5b3983acbbab792d2e17f00bc8608b7e4e17f91ce65065a2fc9d8531c88794a0e9aacc72317df3c757565cbd09dc28f79925bcbc21dc7463f

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8kTWn1++PJHJXA/OsIZfzc3/Q8A03vR03vj:KQSorQSovYRYj

Score
9/10

Targets

    • Renames multiple (4855) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified version of it.

    • Drops file in System32 directory
