General

  • Target

    24b92de6f1fa78d17586cc33516d2760_NeikiAnalytics.exe

  • Size

    84KB

  • Sample

    240527-h6nfsacb9w

  • MD5

    24b92de6f1fa78d17586cc33516d2760

  • SHA1

    aafb98e8a2ce2d1bbb64dc5ec18769016f39cf70

  • SHA256

    6b8b35c3f734f80a1fff238d7d02f72362d2c5c53d077d09b4a72a0ce7fe0979

  • SHA512

    1cf1de5444e22969fb0507056bec084a86f6fe3e5c5d603998802c3d9bfa31bb380dafcf6cd642efac3ba8915f4befeea391248188bf7ae2644b2602c1ad1ad7

  • SSDEEP

    1536:0azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYm78Exj:AFNpo6rIKlUE8fbkqRfbaQlaYYmB

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as valid.

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
