General

  • Target

    2546aa765bbd0cd257eaf219b74fd970_NeikiAnalytics.exe

  • Size

    95KB

  • Sample

    240611-dglhnssekl

  • MD5

    2546aa765bbd0cd257eaf219b74fd970

  • SHA1

    99785fc648cf8d6c85b3fd75c44b3d520234f61a

  • SHA256

    2359d30e199400fed2c9664fd65504a6fc2c8f28cd7352dae8e601cd33364dad

  • SHA512

    5af3dfac1112935fed379636003489e5befa3549893284815f2c58ab7f11b5bb2d8b108c0571401a5ef01ffccb77d2664e00a66c783b6647172952c31028c97c

  • SSDEEP

    1536:W7ZNLpApCZuvIYYoYox7ZNLpApCZuvIYYoYoI:6NLWpCZLYbNLWpCZLYI

Score
9/10

Targets

    • Renames multiple (3994) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
