General

  • Target

    79529a15b66a2a9c5c75f39c5b77a174739aa0ed3d01dc09c89a21e477c3161f_NeikiAnalytics.exe

  • Size

    99KB

  • Sample

    240629-hjrvpawckr

  • MD5

    26d91c9e12c69283b79602b1f197a5d0

  • SHA1

    d86b79296fca54020bbe4a40646a5a456ccfcdf5

  • SHA256

    79529a15b66a2a9c5c75f39c5b77a174739aa0ed3d01dc09c89a21e477c3161f

  • SHA512

    a550e5d9fea0b398086a33e51a5a5e85358d3fef300598c630c7ff347f7231e5ddd50fff945155310663ff7da83b539e6c58597952c5d06343f794edd8f21ec1

  • SSDEEP

    1536:V7Zf/FAxTWoJJ2WjWZCqC/7Zf/FAxTWoJJ2WjWZCqC6v2:fny1xny1ev2

Score
9/10

Targets

    • Target

      79529a15b66a2a9c5c75f39c5b77a174739aa0ed3d01dc09c89a21e477c3161f_NeikiAnalytics.exe

    • Renames multiple (5234) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
