General

  • Target

    673ae14d4b952d3f8e4b5dc5788cfdc4319c5b24ab566028a8eff19e95cd8b2a_NeikiAnalytics.exe

  • Size

    727KB

  • Sample

    240627-jphdwascqr

  • MD5

    cde4498dc05fd1ef1c12eb1734eb6890

  • SHA1

    bca1bcedd4fbc920871b424547a90c1d92ef72a8

  • SHA256

    673ae14d4b952d3f8e4b5dc5788cfdc4319c5b24ab566028a8eff19e95cd8b2a

  • SHA512

    0fffdfd8535c446f22abdae353fc862c3dd64083bf981b20b5ac83e1968f585df14938d5939ed0e879e1e6445ab48fb456a908fe78969ff282faef774936705d

  • SSDEEP

    12288:pD53KoNw+bCUKklI9ufQ2XqJmrsZq4ZiohfzFq6L:p95Nw+bJ3lI9uB/48UbL

Score
9/10

Targets

    • Target

      673ae14d4b952d3f8e4b5dc5788cfdc4319c5b24ab566028a8eff19e95cd8b2a_NeikiAnalytics.exe

    • Renames multiple (3441) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
