General

  • Target

    769e75a3c7372d289ef5ae598155a5d9c50a873e32431196228bf210eb154258_NeikiAnalytics.exe

  • Size

    7.3MB

  • Sample

    240628-d5pj8ssakn

  • MD5

    6729048bb8f383f975b4980a8f2c4d90

  • SHA1

    a1b5311179da5a7e39eba257d9c9e16ab0bfc2aa

  • SHA256

    769e75a3c7372d289ef5ae598155a5d9c50a873e32431196228bf210eb154258

  • SHA512

    6eac771add0dd9aa04d4da13a1ae7e0c32d2a336bfcad02cc91d73e0340e834e86e81befbd931dbb08eb71b8ba220e8ccb60573a5c4004f99cfa88fd62322ad6

  • SSDEEP

    98304:QtzqBZMMEM0MUMRMxMwMkfqbjxbSzGVr4W11/KsZfGpWqOJwNC:CqBZtlV1qKpkfqbjeGVr4wZfNnJwo

Score
9/10

Targets

    • Renames multiple (4100) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
