General

  • Target

    a89e4020bffb61c9675353edda8aafd039da0b9588e5051d381d40cd79d577d9_NeikiAnalytics.exe

  • Size

    102KB

  • Sample

    240629-m9hf6awend

  • MD5

    e68ec3afa2060a0c620f2bcf2bfc7310

  • SHA1

    b84a09e1d38e36dcab222de75b21b6bbde8f188f

  • SHA256

    a89e4020bffb61c9675353edda8aafd039da0b9588e5051d381d40cd79d577d9

  • SHA512

    228bb5aa345ab237ba5204843c305ddc81ae94f4d577f3616c5367b09198269bd543aca455d51c1a71e4b6cb567f0bb021ae7a25489a79804cd7af55d5c5ad45

  • SSDEEP

    768:/7BlpQpARFbhtF1XxXEhk8W/V7BlpQpARFbhtF1XxXEhk8W/jfG:/7ZQpAp9XxXEhA7ZQpAp9XxXEhcfG

Score
9/10

Targets

    • Target

      a89e4020bffb61c9675353edda8aafd039da0b9588e5051d381d40cd79d577d9_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (4936) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
