General

  • Target

    45acd87702cb09a2423055095984d7c0_NeikiAnalytics.exe

  • Size

    3.7MB

  • Sample

    240527-mx9pwagh4z

  • MD5

    45acd87702cb09a2423055095984d7c0

  • SHA1

    eef209c1eb6a978f8f7232e5b34424217b183be7

  • SHA256

    b3087e041a5f921c8829574a4865cd2c69898c64089ad96bcb3a45ad16a6ea71

  • SHA512

    1c0c61b63467843e623607efe03acb93bcfde194735b12625c1f9748ffe2830025ceac126e6e04f2e9c29cd2bf3461cd4534176f45ef969890f844a3254d5aef

  • SSDEEP

    49152:AqHcdXRyGWrP/OiFoNFRa6uahv3nmjTNYuUn89KOArxm7Kb6KvySgYnevXA:rYRfvhv30RYI9urj6KvySzne4

Score
9/10

Targets

    • Renames multiple (3756) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
