General

  • Target

    1fa255d193e3902f8e9de2978c8a12da119305b1546c40984c8acb9b815ce390_NeikiAnalytics.exe

  • Size

    186KB

  • Sample

    240625-21w1hsygpg

  • MD5

    026bdf7a7bda7f92a92b371c89184660

  • SHA1

    55b36b86c1ba4ec7d5ee58bf9413112ff1672316

  • SHA256

    1fa255d193e3902f8e9de2978c8a12da119305b1546c40984c8acb9b815ce390

  • SHA512

    8a436ddef922482d04f374e6b40578c524f52fe97f2443681a2c9aa3f3f5ce42820c0b7da21fc125094521cea3576400d35790acdb6becac3c30fe7067eb2c13

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7f7e7WpMaxeb0CYJ97lEYNR73e+eKZOf7/:RqKvb0CYJ973e+eKZOf7f6qKvb0CYJ9+

Score
9/10

Targets

    • Renames multiple (5443) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
