General

  • Target

    09284b98f94d78c384d386adc5b2d4a0_NeikiAnalytics.exe

  • Size

    234KB

  • Sample

    240603-12zmcsbg47

  • MD5

    09284b98f94d78c384d386adc5b2d4a0

  • SHA1

    412be0952ba51ad9ea0732d66a0c1c32161c471a

  • SHA256

    a223ca189ce3d0c4ba693a569f2c0d62f902ac7ebb77c11ed6a0b95552248056

  • SHA512

    0cf1f4a1ac4076d80d3e44e5e701abbee329293fa45bab643346556363005de9c592415256915168e6e6047c04b26f3974d4c005785e4f62b4d3c806cce9dabd

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhflixiHfAIuZAIuYSMjoqtMHfhflixi0:hfAIuZAIuDMVtM/ZfAIuZAIuDMVtM/S

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3801) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
