General

  • Target

    8cdc492b31061a999cf86eb0f978d880_NeikiAnalytics.exe

  • Size

    45KB

  • Sample

    240601-en6b4ahh93

  • MD5

    8cdc492b31061a999cf86eb0f978d880

  • SHA1

    800287dd3af289ddc2cd4ac4a6554c9718c9fc69

  • SHA256

    b90111a97bfd5e013060cec2d8cf8ef00ece7676836271fb812752844ccf5872

  • SHA512

    7415f910bd141b9d9f7a61476e9225c1e03ea99fd049018f814a9037b1b927c3aa47d22430c01dfc64702d2bfa6e088c973823063d4866dd6c6c18be1c8d2301

  • SSDEEP

    768:PmFQj8rM9whcqet8WfuzHVHFNNqDaG0XjqGoxhz/8szBnP7DFK+5nEM:FAwEmBGz1lNNqDaG0PoxhlzmM

Score
10/10

Targets

    • Target

      8cdc492b31061a999cf86eb0f978d880_NeikiAnalytics.exe

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
