Overview

overview

10

Static

static

1

809b85e486...cs.exe

windows7-x64

10

809b85e486...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    809b85e4861b490c94409b5bb47824f0NeikiAnalytics.exe

  • Size

    209KB

  • Sample

    240531-1fklbafb29

  • MD5

    809b85e4861b490c94409b5bb47824f0

  • SHA1

    f3fa90aafec3ee8bac167f437561153e8d623e8a

  • SHA256

    cee49b636b54fa9617e5fbfc5186ad41b9fd0292dd84f147062945a003975693

  • SHA512

    077c31ce27844c08eda19c16db0cde614cca5cdfa7614cfcb6d69c08ba66eafaf037b883211d7ed261724ea79ef587f0ff16cf62fbd828c16e209f3797f0ea66

  • SSDEEP

    3072:kQcjk9tVRNIcjb4Ryfjijjx14hdeCXHKPJFo9zpE7Di0X0JuLL+o7BlpF9e:kQh9tVRm2kh34hdeCkcG7DEALLlnN

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      809b85e4861b490c94409b5bb47824f0NeikiAnalytics.exe

    • Size

      209KB

    • MD5

      809b85e4861b490c94409b5bb47824f0

    • SHA1

      f3fa90aafec3ee8bac167f437561153e8d623e8a

    • SHA256

      cee49b636b54fa9617e5fbfc5186ad41b9fd0292dd84f147062945a003975693

    • SHA512

      077c31ce27844c08eda19c16db0cde614cca5cdfa7614cfcb6d69c08ba66eafaf037b883211d7ed261724ea79ef587f0ff16cf62fbd828c16e209f3797f0ea66

    • SSDEEP

      3072:kQcjk9tVRNIcjb4Ryfjijjx14hdeCXHKPJFo9zpE7Di0X0JuLL+o7BlpF9e:kQh9tVRm2kh34hdeCkcG7DEALLlnN

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Modifies WinLogon

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks