General

  • Target

    8e676e54b4fadeb416a38e2a6046dfe22bbed32eb42010a8eb2c3a440220377e_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240628-j7jdwssdmp

  • MD5

    7585492d4f24aa7a69f475b9698f99b0

  • SHA1

    b2cf960807b27bd9b61da288855d89cbff77454f

  • SHA256

    8e676e54b4fadeb416a38e2a6046dfe22bbed32eb42010a8eb2c3a440220377e

  • SHA512

    b65ae3c2e510e85780aee84f761a9ff64720e58e26e019a804b5447b4b03f86de58589b90c37744193ebd0f40e37db388d955b22456240bd04aceba29eb15931

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8aK7Zf/FAxTWY1++PJHJXA/OsIZfzc3/h:fnyiQSo8nyiQSoW

Score
9/10

Targets

    • Renames multiple (4979) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

    • Drops file in System32 directory
