General

  • Target

    31f9d404393a23c4aa9116a0d3ee6f60_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240525-243bpsef26

  • MD5

    31f9d404393a23c4aa9116a0d3ee6f60

  • SHA1

    35647204a72f3d044651942d35a4dd909af25404

  • SHA256

    340b9fb93363b15040628ef5522396e60c8f7f8d8316b6dbd6f6639b68d68657

  • SHA512

    9e96e5c777a8671ca245515ddef67187e2c420c9efecc31c6004da82feb46be0948a8eca2dbd43f7dc6dc825e00f6e7f10d29f0e9ddb187f61be467d17337350

  • SSDEEP

    49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/2:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/2

Score
10/10

Targets

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
