General

  • Target

    62fce467aff4cbd3116693fb5cdd45a0_NeikiAnalytics.exe

  • Size

    504KB

  • Sample

    240523-nmp36aee56

  • MD5

    62fce467aff4cbd3116693fb5cdd45a0

  • SHA1

    92c390d17eb700817a80500edbf586e02b041576

  • SHA256

    6bd95d63bbff1fb01c21ef9c07421b3dd76c13143090ddb6bf9d9f6e914edc27

  • SHA512

    84a9665d0b35ca5f9501ad4d69068acfbb86c1d9a85438184401f893899b96aaab28190efea2c9674726e2358de60d0b30814cdac83a7dba2242da01288c5e23

  • SSDEEP

    12288:tPmTkT0+nXTv1d5Jo/H4a6ZeUOHFVS9Qg:Vmo4IXhd81rS

Malware Config

Targets

    • Target

      62fce467aff4cbd3116693fb5cdd45a0_NeikiAnalytics.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks