General

  • Target

    516870e329a6b0c4f2cd840853e8b1d0_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240522-2vj4rscb3w

  • MD5

    516870e329a6b0c4f2cd840853e8b1d0

  • SHA1

    3103fc962a3bfed9177bc8d6687c67bd59219473

  • SHA256

    70b49b1a036904fd7f35bb935b4416cda1b7b2d4b0d994ccf87297e1213385c6

  • SHA512

    3c1d2c7fb0729525714fd91cdf880db3d21d9cc154ffa0e3ee599f9d0e3b4ce5ce4cee8f576218ba4ce15a336a2c83d780d4a0febe9fd17a03be12382070487b

  • SSDEEP

    1536:ERsjdf1aM67v32Z9x5nouy8VTlRsjdf1aM67v32Z9x5nouy8VTU:EOaHv3YpoutNlOaHv3YpoutNU

Score
10/10

Malware Config

Targets

    • Target

      516870e329a6b0c4f2cd840853e8b1d0_NeikiAnalytics.exe

    • Size

      91KB

    • MD5

      516870e329a6b0c4f2cd840853e8b1d0

    • SHA1

      3103fc962a3bfed9177bc8d6687c67bd59219473

    • SHA256

      70b49b1a036904fd7f35bb935b4416cda1b7b2d4b0d994ccf87297e1213385c6

    • SHA512

      3c1d2c7fb0729525714fd91cdf880db3d21d9cc154ffa0e3ee599f9d0e3b4ce5ce4cee8f576218ba4ce15a336a2c83d780d4a0febe9fd17a03be12382070487b

    • SSDEEP

      1536:ERsjdf1aM67v32Z9x5nouy8VTlRsjdf1aM67v32Z9x5nouy8VTU:EOaHv3YpoutNlOaHv3YpoutNU

    Score
    10/10

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
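
Most of the behaviours flagged above are single registry writes, and the sandbox labels them by matching the key, value name and (for Winlogon and exefile) the written data against the stock Windows defaults. The Python below is an added example, not code from the sandbox or from the sample: it encodes one rule per registry-based indicator in the list and runs them over a constructed, tab-separated registry-write log. The log format, every log line and the file name dropped.exe are assumptions made for the demonstration; the key paths and the defaults they are compared against (explorer.exe, userinit.exe, "%1" %*) are real Windows defaults. The non-registry indicators (dropped EXE/DLL, System32 drop, UPX packing) need file and PE checks and are not covered.

```python
"""Rule-based triage of registry writes for the indicators this report lists.

Added example, not code from the sandbox or from the sample. The log format
(tab-separated: operation, key, value name, data), every log line and the
file name dropped.exe are constructed for the demonstration. Key paths and
the stock defaults (explorer.exe, userinit.exe, "%1" %*) are Windows defaults.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    label: str           # label in the wording the sandbox report uses
    key_re: str          # searched against the full registry key path
    value_re: str        # searched against the value name
    data_re: str = ".*"  # searched against the written data (default: any write)


# One rule per registry-based indicator in the report's behaviour list.
RULES = [
    Rule("Modifies WinLogon for persistence",
         r"\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon$",
         r"^(Shell|Userinit)$",
         # anything other than the stock shell / userinit is suspicious
         r"(?i)^(?!explorer\.exe$)(?!c:\\windows\\system32\\userinit\.exe,?$).+"),
    Rule("Modifies visibility of file extensions in Explorer",
         r"\\Explorer\\Advanced$", r"^HideFileExt$"),
    Rule("Modifies visibility of hidden/system files in Explorer",
         r"\\Explorer\\Advanced$", r"^(Hidden|ShowSuperHidden)$"),
    Rule("Disables RegEdit via registry modification",
         r"\\Policies\\System$", r"^DisableRegistryTools$", r"^(1|0x1)$"),
    Rule("Disables use of System Restore points",
         r"\\SystemRestore$", r"^(DisableSR|DisableConfig)$", r"^(1|0x1)$"),
    Rule("Modifies system executable filetype association",
         r"\\exefile\\shell\\open\\command$", r"^(\(Default\))?$",
         # stock handler is "%1" %* ; anything else hijacks every .exe launch
         r'(?i)^(?!"%1" %\*$).+'),
    Rule("Adds Run key to start application",
         r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", r".*"),
]

# Constructed log (assumption): op<TAB>key<TAB>value name<TAB>data per line.
# The last two lines are benign writes and must not trigger any rule.
SAMPLE_LOG = """\
RegSetValue\tHKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\tShell\texplorer.exe,C:\\Windows\\System32\\dropped.exe
RegSetValue\tHKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\tHideFileExt\t1
RegSetValue\tHKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\tHidden\t2
RegSetValue\tHKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\tDisableRegistryTools\t1
RegSetValue\tHKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\SystemRestore\tDisableSR\t1
RegSetValue\tHKEY_CLASSES_ROOT\\exefile\\shell\\open\\command\t(Default)\tC:\\Windows\\System32\\dropped.exe "%1" %*
RegSetValue\tHKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\tUpdater\tC:\\Windows\\System32\\dropped.exe
RegSetValue\tHKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\tTaskbarGlomLevel\t0
RegSetValue\tHKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\tShell\texplorer.exe
"""


def parse_log(text):
    """Return (key, value_name, data) for every RegSetValue line of the log."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        op, key, name, data = line.split("\t", 3)
        if op == "RegSetValue":
            events.append((key, name, data))
    return events


def match_rules(events, rules=RULES):
    """Map each triggered report label to the writes that triggered it."""
    hits = {}
    for key, name, data in events:
        for rule in rules:
            if (re.search(rule.key_re, key)
                    and re.search(rule.value_re, name)
                    and re.search(rule.data_re, data)):
                hits.setdefault(rule.label, []).append(f"{key}\\{name} = {data}")
    return hits


if __name__ == "__main__":
    for label, writes in match_rules(parse_log(SAMPLE_LOG)).items():
        print(label)
        for write in writes:
            print("   ", write)
```

Run as a script it prints seven labels, one per malicious line of the constructed log, and nothing for the two benign writes. The Winlogon and exefile rules compare the data against the stock value, which is what separates a sample appending its dropped file to the shell or exe handler from a legitimate write of the default; the Explorer and policy rules fire on the write itself, because the value being set is the indicator.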

MITRE ATT&CK Enterprise v15

Tasks