General

  • Target

    4938a82fe3e7282c598cf6f18ebb57668a531eba327705aac48d2267ee3f82fd_NeikiAnalytics.exe

  • Size

    147KB

  • Sample

    240701-l3dzqaycqq

  • MD5

    3fd2a7252f34f5e54bd0297d452f54e0

  • SHA1

    2936a7f781ce21bd19fe8f1a82e798f982301cce

  • SHA256

    4938a82fe3e7282c598cf6f18ebb57668a531eba327705aac48d2267ee3f82fd

  • SHA512

    618e8b9d02f832ba16ec23edb8076a76941c34e9410d292f9326d15164ad2da990a2b69bec4a385784238211b9fa57f11651570607e0c24818978eedf89ce913

  • SSDEEP

    3072:9QWpze+ejfFpsJPKZ2wf7fVdCQWpze+ejfFpsJPKZ2wf7fVd2:Lpe+eX2wf7fVdepe+eX2wf7fVd2

Score
9/10

Targets

    • Target

      4938a82fe3e7282c598cf6f18ebb57668a531eba327705aac48d2267ee3f82fd_NeikiAnalytics.exe

    Score
    9/10
    • Renames multiple (643) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
