General

  • Target

    b4222fecb372dfe5fc4e886c7845e040_NeikiAnalytics

  • Size

    255KB

  • Sample

    240513-m591lscd76

  • MD5

    b4222fecb372dfe5fc4e886c7845e040

  • SHA1

    afed36d151547c662b8160d2e175b4c0b4b8b749

  • SHA256

    a40f6e058ab829d23ceac92b0ac72da03f94c31e5ff1263aacdefac44ade2185

  • SHA512

    da84e05ef209297084edc00fc13422525dc14a63686c2bf0224c5404efbdd3c493efe0967d87a47045b13af4c9490c4e47e50e137514b84467e103f87aa80989

  • SSDEEP

    6144:GbQ16v1dEETk55Qcpp5n+mCTS9lE2cmt+:OVTkTQyz9U

Score
10/10

Malware Config

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks