General

  • Target

    5b6ac7506801860708ded99e9e853e90_NeikiAnalytics.exe

  • Size

    2.2MB

  • Sample

    240522-3tjbhsdg76

  • MD5

    5b6ac7506801860708ded99e9e853e90

  • SHA1

    a0fb60df467f30e363f50415aca4d3bdb1bc1279

  • SHA256

    c5763ac37f7e6584d7c77112bb21e5fc4f54c67240e8ab53ea3728fba7907d39

  • SHA512

    42bb8bb51fbfc326b846e6a835adcd4c5ab390b2b2f0f5c0371e910dc56506cd54fec0c20a36941580aa8368eb450c52fedeaa63022907279b7f2de6d050232e

  • SSDEEP

    49152:mW94v+AWYCIl1lwdQ/etn5HfH1hLQ/NE25OqCWViCAB:bJAWYll1lwd/npPLm+PRW

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry  2  T1012

  • System Information Discovery  3  T1082

  • Peripheral Device Discovery  1  T1120

Tasks