General

  • Target

    3273a5a068b2e772ea344e610d464ea0_NeikiAnalytics.exe

  • Size

    121KB

  • Sample

    240604-f37ddafb24

  • MD5

    3273a5a068b2e772ea344e610d464ea0

  • SHA1

    17079cef38ecc3500a99dd4d075c5ee998c12c03

  • SHA256

    2c3a7563dbe613cbdcc1998ceaa1075f8834b9ab4b520f9559504e26fef612fa

  • SHA512

    f6100a339a2ceb599e00c222c0bb0f64bf8fd5537cf1ede19c221759a7db6d1dde050a2637bd25e554362e9a3157fb988ec74a1f3a4ce2a56b4ab1815be38047

  • SSDEEP

    1536:W7ZDpApYbWjIoPyPoLzV7c6Shd7ZDpApYbWjIoPyPoLzV7c6ShY8:6DWpYDWp0

Score
9/10

Targets

    • Renames multiple (4832) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
