General
-
Target
35023d6f7250e2d1bf7b11529c7d4e30_NeikiAnalytics.exe
-
Size
480KB
-
Sample
240528-geyl1ahe29
-
MD5
35023d6f7250e2d1bf7b11529c7d4e30
-
SHA1
14ec3a0093815a9ed31e7196b613cba3335f5d29
-
SHA256
66b56e2e6f1ee1387eff5663e9243772b00d82985260601ab5a62398d23c6031
-
SHA512
899d2ed6efa8124af1b5cbd8358a7e7d566a8889d2de912a3d7fd14989695bc5599cbd73ad02d811a019d66fe861714f8354ea4efc93013bcf4e129a93e866a6
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDn1M:nRDc3yWDNU+YUznzNjElWaT07NQtD1M
Malware Config
Targets
-
-
Target
35023d6f7250e2d1bf7b11529c7d4e30_NeikiAnalytics.exe
-
Size
480KB
-
MD5
35023d6f7250e2d1bf7b11529c7d4e30
-
SHA1
14ec3a0093815a9ed31e7196b613cba3335f5d29
-
SHA256
66b56e2e6f1ee1387eff5663e9243772b00d82985260601ab5a62398d23c6031
-
SHA512
899d2ed6efa8124af1b5cbd8358a7e7d566a8889d2de912a3d7fd14989695bc5599cbd73ad02d811a019d66fe861714f8354ea4efc93013bcf4e129a93e866a6
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDn1M:nRDc3yWDNU+YUznzNjElWaT07NQtD1M
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1