General

  • Target

    3ae24dd20248555cf8a886eaa75fd440_NeikiAnalytics.exe

  • Size

    116KB

  • Sample

    240604-hrmkyagh2y

  • MD5

    3ae24dd20248555cf8a886eaa75fd440

  • SHA1

    20b633c9e1820ac8dac41f1773a5767b869900c8

  • SHA256

    637fe34dc06e68fcd15ae28c4fcdf2482cb2d7cac2bca66a1948a293e7b51bde

  • SHA512

    99a05a1fb5dfac6d94ba83edec250f771849f24ca834df0e5499aaf08d16b85a7aa73f3dcc5a1dfb4ce7232499bac0cb788f900d5a9e1338ccd0a1f81dc78a0d

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsJOTTWn1++PJHJXA/OsIZfzc3/Q8asUsJOX:KQSohsUsGQSohsUse

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4539) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
