General

  • Target

    539f8ec2ad77918f9c8f5dfd36633397fc37edca8605efbf0494f8d0f218f7bc_NeikiAnalytics

  • Size

    54KB

  • Sample

    240521-qjl87sfc6s

  • MD5

    bb021da7f1d15a1135cd878e37be4a60

  • SHA1

    e2f98414357a7b0c92e4f30f3cb9142865357b7d

  • SHA256

    539f8ec2ad77918f9c8f5dfd36633397fc37edca8605efbf0494f8d0f218f7bc

  • SHA512

    95e071fb0cfbcb44336b42a9917a8ab44b5abd33d0f97e39d5923885935d669a24292fb6a1826c84a90c09c2c961491266642eeb73ed7ffc504eefeeff893a2a

  • SSDEEP

    384:+SDuuOFZyUVpULCgDb2prxVTw24iJ6Al6z+yX0f0BT2EpmuKowBpyUUep4+2yiiq:3DcZyUpULCgod/J96ayXv/pWnnAp

Score
8/10

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
