Overview

overview

7

Static

static

3

74319c33f1...cs.exe

windows7-x64

7

74319c33f1...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    74319c33f150e7d716bc2a3e4a67d350_NeikiAnalytics.exe

  • Size

    455KB

  • Sample

    240523-cjf6asaa93

  • MD5

    74319c33f150e7d716bc2a3e4a67d350

  • SHA1

    5df405f835c6a433709ab833adb2496269676d0a

  • SHA256

    0b39c9aab03a945a338947e0743f23dcb507121911579ace9e9bf30deb403583

  • SHA512

    de4e7b53a108e49e5d603d3c4acd74426aeab6cbbd40b1de939fbabcc448b2aa4fca965ad742e39e08605a0eb2b83346e2081733a24737f588cae67d593c9e44

  • SSDEEP

    6144:mBapC9DUIYmO5Kv5Q7X/l/rYvkW1VxxfnzrV9UAH0ctkPfc92F87LpIh9jil:5pQD+mO5KWy/zrVbt4fcYU9U9jI

Score
7/10
persistence

Malware Config

Targets

    • Target

      74319c33f150e7d716bc2a3e4a67d350_NeikiAnalytics.exe

    • Size

      455KB

    • MD5

      74319c33f150e7d716bc2a3e4a67d350

    • SHA1

      5df405f835c6a433709ab833adb2496269676d0a

    • SHA256

      0b39c9aab03a945a338947e0743f23dcb507121911579ace9e9bf30deb403583

    • SHA512

      de4e7b53a108e49e5d603d3c4acd74426aeab6cbbd40b1de939fbabcc448b2aa4fca965ad742e39e08605a0eb2b83346e2081733a24737f588cae67d593c9e44

    • SSDEEP

      6144:mBapC9DUIYmO5Kv5Q7X/l/rYvkW1VxxfnzrV9UAH0ctkPfc92F87LpIh9jil:5pQD+mO5KWy/zrVbt4fcYU9U9jI

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks