Overview

overview

9

Static

static

3

117089def6...cs.exe

windows7-x64

9

117089def6...cs.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    117089def6092047622fb4783d2e07f671763cf84d79517ec0050ffd2ab4970a_NeikiAnalytics.exe

  • Size

    74KB

  • Sample

    240619-2dgbjsyglm

  • MD5

    3ff412cd8b308a803a0d6f85bddc9e00

  • SHA1

    b3ecb05c31205ad7d361784605f030340051f90d

  • SHA256

    117089def6092047622fb4783d2e07f671763cf84d79517ec0050ffd2ab4970a

  • SHA512

    9181dab2e969f4bbdb0710eb23cce33b15733c188d175c8831b2a2506a9cccb8b028a69e509198c4b2744aca3cf73684ecbd48ae086cc747a57d27674beede9c

  • SSDEEP

    768:W7BlpppARFbhwEnAAJ+AAJr7BlpppARFbhwEnAAJ+AAJo:W7ZppApwEs7ZppApwEt

Score
9/10
ransomware

Malware Config

Targets

    • Target

      117089def6092047622fb4783d2e07f671763cf84d79517ec0050ffd2ab4970a_NeikiAnalytics.exe

    • Size

      74KB

    • MD5

      3ff412cd8b308a803a0d6f85bddc9e00

    • SHA1

      b3ecb05c31205ad7d361784605f030340051f90d

    • SHA256

      117089def6092047622fb4783d2e07f671763cf84d79517ec0050ffd2ab4970a

    • SHA512

      9181dab2e969f4bbdb0710eb23cce33b15733c188d175c8831b2a2506a9cccb8b028a69e509198c4b2744aca3cf73684ecbd48ae086cc747a57d27674beede9c

    • SSDEEP

      768:W7BlpppARFbhwEnAAJ+AAJr7BlpppARFbhwEnAAJ+AAJo:W7ZppApwEs7ZppApwEt

    Score
    9/10
    ransomware

    • Renames multiple (4387) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks