General

  • Target

    4ce0f39bc3691cc55b36902017484390_NeikiAnalytics.exe

  • Size

    84KB

  • Sample

    240529-kczytsge9v

  • MD5

    4ce0f39bc3691cc55b36902017484390

  • SHA1

    7e5a9df8e5111d60842ef8b7e639f52f82f3f355

  • SHA256

    6bc272a112fb3ac1085b08dd16ac0168614ecb867ab4afa803ba660390814677

  • SHA512

    99a0ce5da2030543806da46cd371bc0a3ef5987f0b960ce0d018ea6d5fa6dc784af38ce4a8184844debfaba33311f5abc511836b29425a31d8a6e145c80707b8

  • SSDEEP

    1536:1clIGFNMi+hJUneHoGTvvv4V9hqdhbtgS8:+RMi+fUnCTvvv4V9hEhbCS

Score
7/10

Targets

    • Target

      4ce0f39bc3691cc55b36902017484390_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
