General

  • Target

    3ec534203b0bb7b276aa7edc2877ba0bd8f6940932f30614170fd2f005ebe38c_NeikiAnalytics.exe

  • Size

    285KB

  • Sample

    240627-3kypvaydmb

  • MD5

    2ad0184be9dc9eb4a3af6322cf2237c0

  • SHA1

    4e7e768ca7cc500c6ddaa169357c4aa50f5cbf6e

  • SHA256

    3ec534203b0bb7b276aa7edc2877ba0bd8f6940932f30614170fd2f005ebe38c

  • SHA512

    444d4c1407d4fa1751193a8246ff36ef47841b0154edbd057d3dfe85a662a888c2d49039e474e90581de61dfee8d8f0e51214298e497dad7b704e1cb183e45f7

  • SSDEEP

    3072:Te76WQSoskRYd6W2QZwKS74e76WQSoskRYd6W2QZwKS7x:SeWQSo1Y52ZKS7beWQSo1Y52ZKS7x

Score
9/10

Malware Config

Targets

    • Target

      3ec534203b0bb7b276aa7edc2877ba0bd8f6940932f30614170fd2f005ebe38c_NeikiAnalytics.exe

    • Renames multiple (3484) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
