General

  • Target

    3dc4419458efb7fe285dccf857cb94b0_NeikiAnalytics.exe

  • Size

    256KB

  • Sample

    240519-1ab2zsag5t

  • MD5

    3dc4419458efb7fe285dccf857cb94b0

  • SHA1

    87e19be53cbab25650fcfb18ba290b57eaadfed1

  • SHA256

    351d025a584557c5d50e0452e015570d11f275296077b139098127d7a0a4f25b

  • SHA512

    ab5e6f3d760538f1777e33f7afe361335ca1696e15f2bb33d0721ad04aaa05c50c314c05a3dfdb022466b1a1d9f715873755c71c8b216c0cf72f6c57c928b998

  • SSDEEP

    6144:yDLQxoyQ1LpnFyZ+dayL9rvolH8u3ZhGod:qQCyQ1LHk+zR7QHjGo

Targets

    • Target

      3dc4419458efb7fe285dccf857cb94b0_NeikiAnalytics.exe

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Deletes itself

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
