General

  • Target

    c56517993b04a746a9f86fbfe5e16e40_NeikiAnalytics.exe

  • Size

    160KB

  • Sample

    240603-vq4jaaee58

  • MD5

    c56517993b04a746a9f86fbfe5e16e40

  • SHA1

    eb34ee48f00d16b49738eb60deb9e941abf8de76

  • SHA256

    9ae21bf679484353d451bc0a7e7906b5e5b331cf642a3ad0f02c018f96fc628c

  • SHA512

    6da18e19fb715318874868c79fad45856d924629a65306f8cada5e359b335994a01dfddb77cf85f1c42fc9af0df1cc60ef94a0cc4db9794bc77f08b47befe66b

  • SSDEEP

    3072:enaym3AIuZAIuXPnaym3AIuZAIuX11o8k1o8H:wHm3AIuZAIuXvHm3AIuZAIuXU

Score
9/10

Targets

    • Target

      c56517993b04a746a9f86fbfe5e16e40_NeikiAnalytics.exe

    • Renames multiple (737) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
