General
Target: 326bc79beff64ecbcd94dd23e5920900_NeikiAnalytics.exe
Size: 2.5MB
Sample: 240525-26ptdsef74
MD5: 326bc79beff64ecbcd94dd23e5920900
SHA1: 9328f9e807e0f2207ce7e616db5d1d2f9d9a8df1
SHA256: f34aa2c8a56bb1ef6ca19028bdae003b77b5fd483c75c3c6acb1c177b80b925a
SHA512: 7076c494852b3f2ccb3ad340fc7836e85fd0b02c411a32c04bced1d60df1ea092a7a11f9db73723a48f0f37aa455587eb8ca513125d4b0898e8ce696e0f01361
SSDEEP: 24576:X4ChZcRi3VsesdZcRi3Vses1WmYVmiO1REvVRdU2ixlfuEsLznslkentuKqWlp:X4CY1E114kiBvVviazsl3ntuKTp
Behavioral task: behavioral1
Sample: 326bc79beff64ecbcd94dd23e5920900_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 326bc79beff64ecbcd94dd23e5920900_NeikiAnalytics.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 326bc79beff64ecbcd94dd23e5920900_NeikiAnalytics.exe
Score: 10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
AutoIT Executable: AutoIT scripts compiled to PE executables.
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)