General
-
Target
06df19d167c283cd43deb9b8883b5330_NeikiAnalytics.exe
-
Size
480KB
-
Sample
240526-14z1xaeg75
-
MD5
06df19d167c283cd43deb9b8883b5330
-
SHA1
3d024229ed92764ffb9e4dcd09274a8108707552
-
SHA256
3bb0a31e3403708ba4d6b9a8a58bfd9e2062c7df63cf50491032813a2b43c689
-
SHA512
42de8540b92dfb72fae9f0efc2d38791b490a95a5d1502d41af71097616cf75e224b9f29dc6b7a4f212a1d967cb0e06243e6e2fbef4c4624f233cba26fccf934
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDncQ:nRDc3yWDNU+YUznzNjElWaT07NQtD5
Malware Config
Targets
-
-
Target
06df19d167c283cd43deb9b8883b5330_NeikiAnalytics.exe
-
Size
480KB
-
MD5
06df19d167c283cd43deb9b8883b5330
-
SHA1
3d024229ed92764ffb9e4dcd09274a8108707552
-
SHA256
3bb0a31e3403708ba4d6b9a8a58bfd9e2062c7df63cf50491032813a2b43c689
-
SHA512
42de8540b92dfb72fae9f0efc2d38791b490a95a5d1502d41af71097616cf75e224b9f29dc6b7a4f212a1d967cb0e06243e6e2fbef4c4624f233cba26fccf934
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDncQ:nRDc3yWDNU+YUznzNjElWaT07NQtD5
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1