General

  • Target

    119a59df8c74f0788ca7bab1aa90c0e128065a2b0f0782c921db40f916c05b35_NeikiAnalytics.exe

  • Size

    116KB

  • Sample

    240619-2es2qsygrj

  • MD5

    6bcdade7cbba5f9bd3a1103988befd20

  • SHA1

    d0f2bbd3d5e9647dfbfd9269388b1cbbddddd744

  • SHA256

    119a59df8c74f0788ca7bab1aa90c0e128065a2b0f0782c921db40f916c05b35

  • SHA512

    cfee49e520912dd8fd50093b5aeb6c11a324159c9c9cd2fb99c55a1292a14b38549c2f53250eaeec951834f26d4d82c56bb1a984317ea5fb0d5ad036f6b6cf75

  • SSDEEP

    3072:6NLWpCZLY0KNKnF3KNKnF4NLWpCZLY0KNKnF3KNKnFd:u6SY0KNKnF3KNKnFo6SY0KNKnF3KNKnz

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4898) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
