General

  • Target

    3534c0f19e1e086b6926467e5edcd497fb0161d7bc1ec6b70bb15fe4b89f19e8_NeikiAnalytics.exe

  • Size

    89KB

  • Sample

    240624-dmrlwawbla

  • MD5

    b54e6662eee5002626d0140dad1f2720

  • SHA1

    051601dfdaa06a9d75c10a6160c63e68ed010df4

  • SHA256

    3534c0f19e1e086b6926467e5edcd497fb0161d7bc1ec6b70bb15fe4b89f19e8

  • SHA512

    4e2fca89c062950ee5e3ce284ad53ab8809fb4b2f9d1c720abed5c87280db26d4c0e9fefed23f70e451d0a6c11f88f574d3a4e138067d153bdd384aa3300c5b9

  • SSDEEP

    1536:W7ZppApwEwnmJARJAu7ZppApwEwnmJARJA9St:6pWpUnvpWpUnh

Score
9/10

Targets

    • Target

      3534c0f19e1e086b6926467e5edcd497fb0161d7bc1ec6b70bb15fe4b89f19e8_NeikiAnalytics.exe

    • Renames multiple (4873) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
