General

  • Target

    4f17d8249936470b4e393ae0fbdaa0c0_NeikiAnalytics.exe

  • Size

    67KB

  • Sample

    240602-h2watsef2z

  • MD5

    4f17d8249936470b4e393ae0fbdaa0c0

  • SHA1

    0951e95cc82f284f14baa273bfcd74220ca272f6

  • SHA256

    7a0fcc1d2a18bf3bf357fbcb28b2567941268d7317e9c6a9642f7781fb56fdbe

  • SHA512

    ae3f5ce18a7a8ea73048305f6bf633571a566962febbbf2d8a839e039a4a592913c3866a941946cb24a5c720855e2545f7ace3cfa3a5bcd9d13609a174d11da2

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/QbUY:fnyiQSobUY

Score
9/10

Targets

    • Renames multiple (3755) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
