General

  • Target

    a41dcc8ddf3eecc2bdc222055ca4c350_NeikiAnalytics.exe

  • Size

    131KB

  • Sample

    240603-p4xd8sge47

  • MD5

    a41dcc8ddf3eecc2bdc222055ca4c350

  • SHA1

    8d46f66c4eba374f3b10fc8034a74cbc197b19cc

  • SHA256

    4825b8b49320c44f1a81d05c9565c619a4d0c6771bed96ddbcd31576b9890ac9

  • SHA512

    0e97f43f8afcb74c3c5533b2cebb881499688d88df7408e18b0d61cde7eb13d2cc4b18e550c6c2e3e699b4e02943d12a31ba7d92b03141d818682bb83311d6d0

  • SSDEEP

    1536:67Zf/FAxTWY1++PJHJXA/OsIZISWh7SWhk7Zf/FAxTWY1++PJHJXA/OsIZISWh7l:+nyi/SWh7SWhknyi/SWh7SWhl

Score
9/10

Targets

    • Renames multiple (4375) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
