General

  • Target

    2e701b53c7c4189226ef6827de621770_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240529-cvefvaff45

  • MD5

    2e701b53c7c4189226ef6827de621770

  • SHA1

    c57556b41b3b09b3b6613ec79f4021a39f0a07be

  • SHA256

    ebb3fa72aa9a25275938450d88e55542f61aeed6e025de66d367349de53d6703

  • SHA512

    c99bfe4125368f035ec0332eec312b46927bef24c38b4f14405b7e60b85f89b498aaf66f4a9be269c7a473018a0452cfc40f49780afde26b33fceafe9ebddb63

  • SSDEEP

    1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOM47ZhA7pApvOsOKjC0YSilpFpfkJOMA:6e7WpXYvnpe7WpXYvnx

Score
9/10

Targets

    • Target

      2e701b53c7c4189226ef6827de621770_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4467) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
