General

  • Target

    16c36b34a0b264016d345102060a90b0_NeikiAnalytics.exe

  • Size

    209KB

  • Sample

    240522-ecttxsbb24

  • MD5

    16c36b34a0b264016d345102060a90b0

  • SHA1

    2ab336aef22a9ea208567124d512e3fe8a93c663

  • SHA256

    045a45c96384034a1e78c79ebfea2480e1c1f62bdda465a40bb7cbd291f30d49

  • SHA512

    8afd7ca55d1a6df38d765d367f42c70fb4f727b5e392cc767041d279bb40331ec3668bd6ad63d21cf405e9611065c51c8f8a1ae1f3a6b90999f72b16b7f20c3e

  • SSDEEP

    3072:SdEUfKj8BYbDiC1ZTK7sxtLUIG5yyoDU9q3XRrMBEGltj95y6hsYDRdfS:SUSiZTK40syG

Score
7/10
upx

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2
