General

  • Target

    41f73e643999a9e84a114298377765e0_NeikiAnalytics.exe

  • Size

    53KB

  • Sample

    240522-1gz3dshh34

  • MD5

    41f73e643999a9e84a114298377765e0

  • SHA1

    c2f2b7a9b135dc73d3bd5c2dd2feb273c424dd98

  • SHA256

    e1c509f68b0e8e9e4e1d1a607e1063f31ef83cb5c4cdc18e0f51d42db156fe4f

  • SHA512

    2264931598ddd28e50d15ae80b9f8ce3ef59cc5ecf66adcd8415b909a2d4daa6a0f556876ac06f8e0d7a6f69e1f42a9ff470d27fd0731c9c13e7112c3b8cc310

  • SSDEEP

    1536:vNkQg8r8QNcYaH6lFrmEc/MErtule7Kp3StjEMjmLM3ztDJWZsXy4JzxPME:awcYaH6lFrmEc/MErtuleJJjmLM3zRJr

Score
10/10

Malware Config

Targets

    • Target

      41f73e643999a9e84a114298377765e0_NeikiAnalytics.exe

    • Size

      53KB

    • MD5

      41f73e643999a9e84a114298377765e0

    • SHA1

      c2f2b7a9b135dc73d3bd5c2dd2feb273c424dd98

    • SHA256

      e1c509f68b0e8e9e4e1d1a607e1063f31ef83cb5c4cdc18e0f51d42db156fe4f

    • SHA512

      2264931598ddd28e50d15ae80b9f8ce3ef59cc5ecf66adcd8415b909a2d4daa6a0f556876ac06f8e0d7a6f69e1f42a9ff470d27fd0731c9c13e7112c3b8cc310

    • SSDEEP

      1536:vNkQg8r8QNcYaH6lFrmEc/MErtule7Kp3StjEMjmLM3ztDJWZsXy4JzxPME:awcYaH6lFrmEc/MErtuleJJjmLM3zRJr

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks