Overview

overview

6

Static

static

3

0b2cb7adb4...cs.exe

windows7-x64

6

0b2cb7adb4...cs.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b2cb7adb4e2a1447222681c9d422420_NeikiAnalytics.exe

  • Size

    2.8MB

  • Sample

    240526-r99b4aba58

  • MD5

    0b2cb7adb4e2a1447222681c9d422420

  • SHA1

    7e074d5d76ccec6bf8136adf4f845015e1243cb7

  • SHA256

    cdedbf3f958fdd3575ed4cdfc46d602a8e2aee5d8ff33754db271e8cb81b86b5

  • SHA512

    3e0cb454fd8e306995a3cf6d69139f810687dd75443eb74909e0d8a60e7babeed05fc3deb9d65d63ed839079dc9cbc36fa71872ed0ba2d2b11ea8fcb2d204512

  • SSDEEP

    49152:/k5YEGaeoIFUxP5RUrF/PQfJ51N73dTN3COW0OP98gC:vEGasFW5RUrFQfr7tTQLM

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      0b2cb7adb4e2a1447222681c9d422420_NeikiAnalytics.exe

    • Size

      2.8MB

    • MD5

      0b2cb7adb4e2a1447222681c9d422420

    • SHA1

      7e074d5d76ccec6bf8136adf4f845015e1243cb7

    • SHA256

      cdedbf3f958fdd3575ed4cdfc46d602a8e2aee5d8ff33754db271e8cb81b86b5

    • SHA512

      3e0cb454fd8e306995a3cf6d69139f810687dd75443eb74909e0d8a60e7babeed05fc3deb9d65d63ed839079dc9cbc36fa71872ed0ba2d2b11ea8fcb2d204512

    • SSDEEP

      49152:/k5YEGaeoIFUxP5RUrF/PQfJ51N73dTN3COW0OP98gC:vEGasFW5RUrFQfr7tTQLM

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks