General

  • Target

    012903b6776cd32b7194a67d2240d240_NeikiAnalytics

  • Size

    89KB

  • Sample

    240511-pcmeysac55

  • MD5

    012903b6776cd32b7194a67d2240d240

  • SHA1

    0c1cb394b462f0ceb3e2b1762b2de3bf7263bc63

  • SHA256

    57940a828c9f5f8223a4f5400100c35d9e511fc1eeff90ef1d2702264138ef02

  • SHA512

    cff6e5455b316553cc8d61564d5cd1a098f5f4804b9210309b65eaa448842dfa90d233f2bf7ed09cf6ea4969dd1870ac3d1273070e9c71c1593450fe8d723ab7

  • SSDEEP

    1536:p7u6cOLK7hNIMLrCiS4xUfXM3xvuoSB5qEftLhSnWQD+hpX71PvJdsJG1:1eOLK7hNIMLrCiS4+PwRjY5xhEAXVvt

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
