General

  • Target

    50a63b29fa83c688bec765aaefeb7fec9624115ff2cfc351c14c98df60039bd6_NeikiAnalytics.exe

  • Size

    197KB

  • Sample

    240629-c3pa1ssdmk

  • MD5

    c77ade1ad18a4ad45b3a5c7de740b7d0

  • SHA1

    1670c53c907b442d88b6ac96882430f56739c577

  • SHA256

    50a63b29fa83c688bec765aaefeb7fec9624115ff2cfc351c14c98df60039bd6

  • SHA512

    d4442b19009495c8db16b96280eeee74f87551b443b2a5b65336a42dd9063fcbafd21e3e847c8baea759f762ae74532df6a9f44ddd5d0d17fe3d8f73340f44ce

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB9:PqFF2Ie+efsim2aqFF2Ie+efsim2l

Score
9/10

Targets

    • Target

      50a63b29fa83c688bec765aaefeb7fec9624115ff2cfc351c14c98df60039bd6_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4067) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
