General

  • Target

    2a908ca0e93978ed9bdafed6ac0deb533c8f6498014fb435b20958d71baf6eeb_NeikiAnalytics.exe

  • Size

    196KB

  • Sample

    240620-c5t92syelk

  • MD5

    3ec17d0a0dfcce1c46a9cbc7e95c7890

  • SHA1

    476d5226dac3889ca4bdb2d2ec88059a965ec609

  • SHA256

    2a908ca0e93978ed9bdafed6ac0deb533c8f6498014fb435b20958d71baf6eeb

  • SHA512

    36419f5f06ef79cbd77084b6f7df691d85357a1f6c2b6d79c35e05338f5807975ca1148e80f50836cfc76ff0e0a52816f0a132b51dd4cbe5f2f15707c464d558

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEPrWpcOPxPke+e3fFpsJOfFpsJbgET:tFPxPke+eIyFPxPke+eIT

Score
9/10

Targets

    • Target

      2a908ca0e93978ed9bdafed6ac0deb533c8f6498014fb435b20958d71baf6eeb_NeikiAnalytics.exe

    • Renames multiple (3520) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
