General
-
Target
31f9d404393a23c4aa9116a0d3ee6f60_NeikiAnalytics.exe
-
Size
2.6MB
-
Sample
240525-243bpsef26
-
MD5
31f9d404393a23c4aa9116a0d3ee6f60
-
SHA1
35647204a72f3d044651942d35a4dd909af25404
-
SHA256
340b9fb93363b15040628ef5522396e60c8f7f8d8316b6dbd6f6639b68d68657
-
SHA512
9e96e5c777a8671ca245515ddef67187e2c420c9efecc31c6004da82feb46be0948a8eca2dbd43f7dc6dc825e00f6e7f10d29f0e9ddb187f61be467d17337350
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/2:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/2
Static task
static1
Behavioral task
behavioral1
Sample
31f9d404393a23c4aa9116a0d3ee6f60_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
31f9d404393a23c4aa9116a0d3ee6f60_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
31f9d404393a23c4aa9116a0d3ee6f60_NeikiAnalytics.exe
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1