General
-
Target
7db8021ebcc4499fb05ba10a8cc1bdf0_NeikiAnalytics.exe
-
Size
2.6MB
-
Sample
240523-t5mcwahc51
-
MD5
7db8021ebcc4499fb05ba10a8cc1bdf0
-
SHA1
7b0f25dbd730e4c22b510e427871da99c208782d
-
SHA256
5e220a1aa1c5b178729c38ca9b705b3e81925fd194594b1d3282f3f59fbfb393
-
SHA512
4b564771442e6ac5bc449bdc7ed44a16f34a6a27f491282cd9dd71d53c1b96bb522b42c206f006c19db150aa712fe5f7df0adb2bd524a8925e86ae708cdf7338
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/q:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/q
Malware Config
Targets
-
-
Target
7db8021ebcc4499fb05ba10a8cc1bdf0_NeikiAnalytics.exe
-
Size
2.6MB
-
MD5
7db8021ebcc4499fb05ba10a8cc1bdf0
-
SHA1
7b0f25dbd730e4c22b510e427871da99c208782d
-
SHA256
5e220a1aa1c5b178729c38ca9b705b3e81925fd194594b1d3282f3f59fbfb393
-
SHA512
4b564771442e6ac5bc449bdc7ed44a16f34a6a27f491282cd9dd71d53c1b96bb522b42c206f006c19db150aa712fe5f7df0adb2bd524a8925e86ae708cdf7338
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/q:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/q
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1