General

  • Target

    0b5cedd9753a27d3937cd3ce5e0cb8e0_NeikiAnalytics

  • Size

    609KB

  • Sample

    240514-w4t3faaf84

  • MD5

    0b5cedd9753a27d3937cd3ce5e0cb8e0

  • SHA1

    6c6f74ba13fdcd487629a8adabb0bb788f1630b3

  • SHA256

    f6e25a0e39f66482d1a069f7f71fefe6e1506a9706e8468ea947b14d30388350

  • SHA512

    71c3fe513e5133998bdb0ffb586dd731b16db91a4c6032ff94152ea1e97677af2e4e6573f23730ab48a41894e2fde106d04fbdbc065bf6160944b5f23f3ddf03

  • SSDEEP

    12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhK:SUiL3yjXUlu0I7vitqUmyq+1paK

Score
10/10

Malware Config

Targets

    • Target

      0b5cedd9753a27d3937cd3ce5e0cb8e0_NeikiAnalytics

    • Size

      609KB

    • MD5

      0b5cedd9753a27d3937cd3ce5e0cb8e0

    • SHA1

      6c6f74ba13fdcd487629a8adabb0bb788f1630b3

    • SHA256

      f6e25a0e39f66482d1a069f7f71fefe6e1506a9706e8468ea947b14d30388350

    • SHA512

      71c3fe513e5133998bdb0ffb586dd731b16db91a4c6032ff94152ea1e97677af2e4e6573f23730ab48a41894e2fde106d04fbdbc065bf6160944b5f23f3ddf03

    • SSDEEP

      12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhK:SUiL3yjXUlu0I7vitqUmyq+1paK

    Score

    10/10

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks