General

  • Target

    148ac21619ee9d498a92bf64d21570d0_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240530-pa47zsge9w

  • MD5

    148ac21619ee9d498a92bf64d21570d0

  • SHA1

    4df8ea43c4647b0509a61dbec04a54796b298a92

  • SHA256

    caea8fc754e1074fff24d9b54a6f54654ea046576d730bca1ed2cba1694821af

  • SHA512

    0a4b2831b646fc44f4a8933d4355ca1a3fbb5e6d98b8d29c7fd62376bf5e6514917e256cc287695a669a28c8678e2679119f25857878bf608b82fa116eaf7206

  • SSDEEP

    1536:ERsjdf1aM67v32Z9x5nouy8VT9Rsjdf1aM67v32Z9x5nouy8VTU:EOaHv3YpoutN9OaHv3YpoutNU

Score
10/10

Malware Config

Targets

    Score
    10/10

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
