General

  • Target

    15505dd41f9263cb2345631e0fb59d442a1b083e2e6827409042da4d0def10c5_NeikiAnalytics.exe

  • Size

    78KB

  • Sample

    240619-23bglazgrp

  • MD5

    89b7c08e57559f28d29be55080a7ebc0

  • SHA1

    9d23f483bfb3407d810e2d682d9374e6310294d9

  • SHA256

    15505dd41f9263cb2345631e0fb59d442a1b083e2e6827409042da4d0def10c5

  • SHA512

    da72684649692b91c0f32de1741fe6ff300df40bd0910b190c629c8619e235112818d2bb61383c41b5b328b3f3609814fbe55b124e12875c133fd92452232a75

  • SSDEEP

    768:W7BlpppARFbhwEnAAJ+AAJO7BlpppARFbhwEnAAJ+AAJXWAnWAp:W7ZppApwEd7ZppApwEWtp

Score
9/10

Targets

    • Renames multiple (5265) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
