General

  • Target

    116a2ed8dc461c9d2f8ce398f2ef09a79a5cbdc6cf9134668db002fb401e16d9_NeikiAnalytics.exe

  • Size

    69KB

  • Sample

    240619-2c6vtaygkk

  • MD5

    a18d611274c3a4cf4a37fb2dfb6a53e0

  • SHA1

    3cf88925b74e77ba6e2dc35e4a4a92065454629c

  • SHA256

    116a2ed8dc461c9d2f8ce398f2ef09a79a5cbdc6cf9134668db002fb401e16d9

  • SHA512

    3d6e84085eda8c1eb97b050d0c0dc99dfa33a8b19601bb3282dccc3c5c4bfc0b0499f7635840f7376f0fc46727063e7152817942b219ecf905924498332063c1

  • SSDEEP

    768:W7BlpppARFbhFAQ7BlpppARFbhFAMsgQw58eGkz2rcuesgQw58eGkz2rcuD:W7ZppApb7ZppApk

Score
9/10

Targets

    • Target

      116a2ed8dc461c9d2f8ce398f2ef09a79a5cbdc6cf9134668db002fb401e16d9_NeikiAnalytics.exe

    • Renames multiple (4324) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
