General

  • Target

    9b23870b69a7ed88269d7cd4d617e3d0_NeikiAnalytics

  • Size

    91KB

  • Sample

    240511-hzqbsscg61

  • MD5

    9b23870b69a7ed88269d7cd4d617e3d0

  • SHA1

    ef3846a76eab53d0ebca9e842e7863f94d8d34a8

  • SHA256

    6bb3ed0c8784f840370ce4957d9a629b2561327316ccfe2d06d3b864d758d7c8

  • SHA512

    f4c6de6db232be7e090a2def9a7cfd2fa5b511b58554c05196f9410a1cde12526c020e556f85f67bcb6c70755f602fda846ee9b395179df48fd9997f89fd9ff7

  • SSDEEP

    1536:kRsjd3GR2Dxy387Lnouy8VTQRsjd3GR2Dxy387Lnouy8VTY:kOgUXoutNQOgUXoutNY

Score
10/10

Malware Config

Targets

    • Target

      9b23870b69a7ed88269d7cd4d617e3d0_NeikiAnalytics

    • Size

      91KB

    • MD5

      9b23870b69a7ed88269d7cd4d617e3d0

    • SHA1

      ef3846a76eab53d0ebca9e842e7863f94d8d34a8

    • SHA256

      6bb3ed0c8784f840370ce4957d9a629b2561327316ccfe2d06d3b864d758d7c8

    • SHA512

      f4c6de6db232be7e090a2def9a7cfd2fa5b511b58554c05196f9410a1cde12526c020e556f85f67bcb6c70755f602fda846ee9b395179df48fd9997f89fd9ff7

    • SSDEEP

      1536:kRsjd3GR2Dxy387Lnouy8VTQRsjd3GR2Dxy387Lnouy8VTY:kOgUXoutNQOgUXoutNY

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

    • Drops file in System32 directory
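
A host-side check for the behaviours listed above, added here as an example; it is not part of the sandbox report, and the report does not state which specific registry keys or values this sample wrote. The key paths and value names are the standard Windows locations these signature names conventionally refer to (an assumption), and the UPX check reads section names from the PE section table rather than relying on a packer signature. Run it inside the detonation VM or against a mounted image, not on the analyst workstation; the HKCU checks only see the hive of the user running the script.

```powershell
# Added example (not from the sandbox report): audit a Windows host for the
# registry changes the signature names above conventionally map to, and check a
# file's PE section table for UPX section names. The key paths below are the
# standard Windows locations for these behaviours (an assumption; the report
# does not list the exact keys this sample touched).
param([string]$SamplePath = $null)

$findings = @()

function Test-RegValue {
    param([string]$Path, [string]$Name, [scriptblock]$IsSuspicious,
          [string]$Why, [string]$Severity = 'high')
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return }          # value absent: nothing to flag
    $value = $item.$Name
    if (& $IsSuspicious $value) {
        $script:findings += [pscustomobject]@{
            Severity = $Severity; Path = $Path; Name = $Name; Value = $value; Why = $Why }
    }
}

# "Modifies WinLogon for persistence": Shell/Userinit replaced or appended to.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
Test-RegValue $winlogon 'Shell'    { param($v) $v -ne 'explorer.exe' } 'Winlogon Shell is not explorer.exe'
Test-RegValue $winlogon 'Userinit' { param($v) $v.TrimEnd(',') -notmatch '^C:\\Windows\\system32\\userinit\.exe$' } 'Winlogon Userinit altered'

# "Modifies visibility of file extensions / hidden files in Explorer". These
# values equal the Windows defaults, so they are informational unless a
# baseline for the user shows they were changed.
$adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
Test-RegValue $adv 'HideFileExt'     { param($v) $v -eq 1 } 'Extensions hidden (matches default)' 'info'
Test-RegValue $adv 'Hidden'          { param($v) $v -eq 2 } 'Hidden files not shown (matches default)' 'info'
Test-RegValue $adv 'ShowSuperHidden' { param($v) $v -eq 0 } 'Protected OS files hidden (matches default)' 'info'

# "Disables RegEdit via registry modification"
Test-RegValue 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System' 'DisableRegistryTools' `
    { param($v) $v -ge 1 } 'Registry editor disabled by policy value'

# "Disables use of System Restore points"
$sr = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore'
Test-RegValue $sr 'DisableSR'     { param($v) $v -eq 1 } 'System Restore disabled'
Test-RegValue $sr 'DisableConfig' { param($v) $v -eq 1 } 'System Restore configuration locked'

# "Modifies system executable filetype association": exefile must be "%1" %*.
Test-RegValue 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command' '(default)' `
    { param($v) $v -ne '"%1" %*' } 'exefile open command hijacked'

# "Adds Run key to start application": list every entry for manual review.
$psMeta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
foreach ($run in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
                 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run') {
    $props = Get-ItemProperty -Path $run -ErrorAction SilentlyContinue
    if ($null -eq $props) { continue }
    foreach ($p in $props.PSObject.Properties) {
        if ($p.Name -in $psMeta) { continue }
        $findings += [pscustomobject]@{
            Severity = 'info'; Path = $run; Name = $p.Name; Value = $p.Value; Why = 'Run key entry; confirm it is expected' }
    }
}

# "UPX packed file": walk the PE section table and return the section names.
# UPX leaves sections named UPX0/UPX1 unless the packer was modified to rename them.
function Get-PeSectionNames {
    param([string]$Path)
    $b = [System.IO.File]::ReadAllBytes($Path)
    if ($b.Length -lt 0x40 -or $b[0] -ne 0x4D -or $b[1] -ne 0x5A) { return $null }   # no "MZ"
    $pe = [BitConverter]::ToInt32($b, 0x3C)                                            # e_lfanew
    if ($pe + 24 -gt $b.Length -or [BitConverter]::ToUInt32($b, $pe) -ne 0x4550) { return $null }  # "PE\0\0"
    $nSections = [BitConverter]::ToUInt16($b, $pe + 6)
    $optSize   = [BitConverter]::ToUInt16($b, $pe + 20)
    $table     = $pe + 24 + $optSize                      # first IMAGE_SECTION_HEADER (40 bytes each)
    for ($i = 0; $i -lt $nSections; $i++) {
        $off = $table + 40 * $i
        ([System.Text.Encoding]::ASCII.GetString($b, $off, 8)).TrimEnd([char]0)
    }
}

if ($SamplePath -and (Test-Path $SamplePath)) {
    $names = @(Get-PeSectionNames $SamplePath)
    if (@($names | Where-Object { $_ -match '^UPX\d$' }).Count -gt 0) {
        $findings += [pscustomobject]@{
            Severity = 'info'; Path = $SamplePath; Name = 'sections'; Value = ($names -join ','); Why = 'UPX section names present' }
    }
}

$findings | Sort-Object Severity | Format-Table -AutoSize
```

Invoke as `.\audit.ps1 -SamplePath C:\samples\9b23870b69a7ed88269d7cd4d617e3d0.exe` (path is illustrative). Findings tagged `high` are states that differ from a clean Windows install and warrant remediation; `info` rows need a baseline or manual review, since the Explorer values and Run keys are legitimately set on many hosts. A missing UPX section name is not proof the file is unpacked: a modified UPX build can rename sections, which is why the signature text above mentions modified variants.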

MITRE ATT&CK Enterprise v15

Tasks