General

  • Target

    2f5aea6275c6689ca48192e825747f40_NeikiAnalytics.exe

  • Size

    3.6MB

  • Sample

    240525-2v37mseb92

  • MD5

    2f5aea6275c6689ca48192e825747f40

  • SHA1

    c03301566f063210cab93b01cfaf6193d729c9cd

  • SHA256

    1eaf1dc3fa2b184ea3f852d453ca262133fd2417662f4eaf258f436d7569a6aa

  • SHA512

    ea1859ba868f08f216bbd6ced74d0d2753d3635345544afc5ed816a7d65c1930bd039e558204b0cc48a5894843b6f410262b21780aca6b4a4fbc5f70c3faac06

  • SSDEEP

    98304:JdByXcdnlLwOrI5Vfeg91hZOhkRpsinjL:Jdien+OrFuBR6cL

Score
10/10

Targets

    • Target

      2f5aea6275c6689ca48192e825747f40_NeikiAnalytics.exe

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
