General

  • Target

    8efbda2f53ae7bbc7fe5b86c7d04f060_NeikiAnalytics.exe

  • Size

    156KB

  • Sample

    240601-f1m7qabb9t

  • MD5

    8efbda2f53ae7bbc7fe5b86c7d04f060

  • SHA1

    3344e40471706475fc58a2ea05d4c07d09e2d8c6

  • SHA256

    46ea9a3def25ee893138b18b3e65a74a8ad8406312081d7ca5133107061063d0

  • SHA512

    b85e51bcab67c8b8b1c6138568b577bd4f66deab098aaa2b47b005c1aee5729edb26bd98dcb833002b8afa6452b701a7b788476324a1f76e015bdf92e4b0d2d1

  • SSDEEP

    3072:rnoxLFLOpMS7yJuu4TrVlpT3rZy93E3ipMdIyH+Y8DuA2IXTZuG4oQZiE0c:MxLfJuu4l3rZy93UipMd9+Y8DuY8aWh

Score
10/10

Targets

    • Target

      8efbda2f53ae7bbc7fe5b86c7d04f060_NeikiAnalytics.exe

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
