General

  • Target

    505d52a9200d83b9ab96668c490b7e9073a36a6152ac0face33e5e7878d4cf82_NeikiAnalytics.exe

  • Size

    164KB

  • Sample

    240629-c13evsygqe

  • MD5

    6e1f7b25ce74da842d8708c2692a6cf0

  • SHA1

    7201eab349c135111389a34596da26c24e37d8f3

  • SHA256

    505d52a9200d83b9ab96668c490b7e9073a36a6152ac0face33e5e7878d4cf82

  • SHA512

    ce09a422a08a8c9e1f3774ad477a002c1b1fb1088eccb301d2e1ac19b900ada234fe8dcf2e875afa67df0d4aa0bd711485b7e2d01b8840e4be78d111bee44e74

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBX:PqFF2Ie+eFC20qFF2Ie+eFC2V

Score
9/10

Targets

    • Renames multiple (4075) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
