General

  • Target

    a6cb2ec2fe8723c696d42d4e5d2304e0_NeikiAnalytics

  • Size

    2.5MB

  • Sample

    240513-jjljcacg6y

  • MD5

    a6cb2ec2fe8723c696d42d4e5d2304e0

  • SHA1

    46c5d0c041606c7a623862542788af3fbf9b628e

  • SHA256

    f7ceb1776bd1d9a4b95f8155e251f4391a359cb070a387e99ce21e6e004ea433

  • SHA512

    77640e9444f88a0929c01cbd7ce4bfd056d62d088292c81a537d9b009cca98b6d41a4e2cddab3dbbc3b38b65ce062891492b5847636a4abffdd62dcd0fabe93d

  • SSDEEP

    49152:9XRMCd/rFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdMMMtOa0eyGE/vnCXIu:xRN4muQ5noc0wBVtqAYpcqVni

Malware Config

Targets

    • Target

      a6cb2ec2fe8723c696d42d4e5d2304e0_NeikiAnalytics

    • Size

      2.5MB

    • MD5

      a6cb2ec2fe8723c696d42d4e5d2304e0

    • SHA1

      46c5d0c041606c7a623862542788af3fbf9b628e

    • SHA256

      f7ceb1776bd1d9a4b95f8155e251f4391a359cb070a387e99ce21e6e004ea433

    • SHA512

      77640e9444f88a0929c01cbd7ce4bfd056d62d088292c81a537d9b009cca98b6d41a4e2cddab3dbbc3b38b65ce062891492b5847636a4abffdd62dcd0fabe93d

    • SSDEEP

      49152:9XRMCd/rFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdMMMtOa0eyGE/vnCXIu:xRN4muQ5noc0wBVtqAYpcqVni

    • UAC bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks