General

  • Target

    289d055852fdbc21269c50e709e40720_NeikiAnalytics.exe

  • Size

    153KB

  • Sample

    240612-jhp55svcpk

  • MD5

    289d055852fdbc21269c50e709e40720

  • SHA1

    66ba48652d881a947554d29d11570e0cc2fb1cca

  • SHA256

    c69f5107f16737984f503fc545ab404efa8d1b0505ac03d11ee736cac24faf25

  • SHA512

    a05e375e7c14be7a9639172583ed7287a35c517b0643c9fc1e1f4b0684b9dc02e67532adb3637653614ae5cb052a2317143a0311563f1c67a6221211bc507e34

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUv3e7WpP9oVLQthbYY9oVLQthbUvT:RqA2qAr

Score
9/10

Targets

    • Target

      289d055852fdbc21269c50e709e40720_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (5818) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
