General

  • Target

    1ea5b2bfa61f32ac146370e967e36280_NeikiAnalytics.exe

  • Size

    251KB

  • Sample

    240604-b7agzshb3s

  • MD5

    1ea5b2bfa61f32ac146370e967e36280

  • SHA1

    42f47e7581f9da4b0ab0ba979bf6e20fbcd07be9

  • SHA256

    0bb66e1343dd966f15d042770ce309822d1384ccf4810363f8772c8a31fd5d42

  • SHA512

    b437c6d42d89f6d011ac60418facd39952205732c78f64c88f78d943c1ca8e6839fb2ad028fc8e76eb7dfad7d3a2aab7973612ccb654ad6794c75fcd3e826225

  • SSDEEP

    3072:fnymCAIuZAIuYSMjoqtMHfhfkfAIuZAIuYSMjoqtMHfhfz:KmCAIuZAIuDMVtM/ifAIuZAIuDMVtM/d

Score
9/10

Targets

    • Target

      1ea5b2bfa61f32ac146370e967e36280_NeikiAnalytics.exe

    • Renames multiple (2820) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
