Resubmissions

29-06-2024 00:44

240629-a3tjmazdkk 9

29-06-2024 00:40

240629-a1qpyszcmq 9

General

  • Target

    3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe

  • Size

    144KB

  • Sample

    240629-a1qpyszcmq

  • MD5

    2cfe920cd8c5eecd65559d6cc89b8800

  • SHA1

    d974c37b1058e2a5692704404085b2c955ba6326

  • SHA256

    3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93

  • SHA512

    925d370579234bbf7066e04fc12be3eeb917b08b6609a4d20048b92241647a59837c0757b3815494119543083ac4e6fc0b3dc59158d9723207b3c68e4e8b0612

  • SSDEEP

    1536:W7ZNLpApCZuvIYYoYoN7n97nYosbos67ZNLpApCZuvIYYoYoN7n97nYosbos3:6NLWpCZLYpZiX+NLWpCZLYpZiX3

Score
9/10

Malware Config

Targets

    • Target

      3d84cdf96a74214e15cd2b074b79f0fa5863a01049dfe1b2f687ea788a882b93_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4504) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
