Overview

overview

8

Static

static

7

c4c1c3b831...cs.exe

windows7-x64

8

c4c1c3b831...cs.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    c4c1c3b831d367ecb77e0872c1eff460_NeikiAnalytics

  • Size

    232KB

  • Sample

    240514-nqagwaeb35

  • MD5

    c4c1c3b831d367ecb77e0872c1eff460

  • SHA1

    61a9bbdcacc71343133d63b849efb3ff2dcc2817

  • SHA256

    1cf0bbb7b82cc430e0ea25f689b0e6499438d7ae71a29d22b15dfd10aba965c0

  • SHA512

    8bfae7e3446c562c19f7148d112f9886f013345ddb222501f26ddc1530aa186b099817c0c6eb9dd6139653854b5c6bd81dcc1932fe898619cee89233fe612cb6

  • SSDEEP

    3072:N1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1Vne1i/NU82OMYcYU:vi/NjO5xbg/CSUFLTwMjs6wi/N+O7

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      c4c1c3b831d367ecb77e0872c1eff460_NeikiAnalytics

    • Size

      232KB

    • MD5

      c4c1c3b831d367ecb77e0872c1eff460

    • SHA1

      61a9bbdcacc71343133d63b849efb3ff2dcc2817

    • SHA256

      1cf0bbb7b82cc430e0ea25f689b0e6499438d7ae71a29d22b15dfd10aba965c0

    • SHA512

      8bfae7e3446c562c19f7148d112f9886f013345ddb222501f26ddc1530aa186b099817c0c6eb9dd6139653854b5c6bd81dcc1932fe898619cee89233fe612cb6

    • SSDEEP

      3072:N1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1Vne1i/NU82OMYcYU:vi/NjO5xbg/CSUFLTwMjs6wi/N+O7

    Score
    8/10
    persistenceupx

    • Modifies Installed Components in the registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks