General

  • Target

    94d5477a0c363eb5f6fe32c9aaa9bf653d3c4ce37892c1f5fa8738756cf79c33_NeikiAnalytics.exe

  • Size

    106KB

  • Sample

    240628-m723sayepq

  • MD5

    7bf30fdd124271b3e87d55805f30fc40

  • SHA1

    931a54f52105f96b27f3df0256b3298e08400aae

  • SHA256

    94d5477a0c363eb5f6fe32c9aaa9bf653d3c4ce37892c1f5fa8738756cf79c33

  • SHA512

    814281560d56105103b80069f56601c91ec7f3f976e9ccb8d0409f29d0b056661efbbec26dc3c5b3929942d7d512230d392f29b79c6bbde004d1de338441b93b

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8VTWn1++PJHJXA/OsIZfzc3/Q8r:KQSoGQSoM

Score
9/10

Targets

    • Renames multiple (849) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
