General

  • Target

    8ec12c29ed89637f8f80a1a038afa200_NeikiAnalytics.exe

  • Size

    1.4MB

  • Sample

    240601-fwmemabf75

  • MD5

    8ec12c29ed89637f8f80a1a038afa200

  • SHA1

    8ad80f8580569fc986c1d5cc6559fb27a0bf302e

  • SHA256

    908f31ed01990097a2e28dc6d2ba85ca4b93f3a8025c69606e496e1a98b655e3

  • SHA512

    1b4f89bb5c117b1191568d2bc48ad353820eefa876e737ee22ae942d84e9bc16f88be8271fc19c1d600aad6496f7db0acb03234798f5485b29803e3242ed2b8c

  • SSDEEP

    6144:gDCwfADCwfyDDCwfqDCwfyDDCwfaz6DCwfADCwfyDDCwfqDCwfyDDCwfazQ:g7A7yD7q7yD7az67A7yD7q7yD7azQ

Score
10/10

Malware Config

Targets

    • Target

      8ec12c29ed89637f8f80a1a038afa200_NeikiAnalytics.exe

    • Size

      1.4MB

    • MD5

      8ec12c29ed89637f8f80a1a038afa200

    • SHA1

      8ad80f8580569fc986c1d5cc6559fb27a0bf302e

    • SHA256

      908f31ed01990097a2e28dc6d2ba85ca4b93f3a8025c69606e496e1a98b655e3

    • SHA512

      1b4f89bb5c117b1191568d2bc48ad353820eefa876e737ee22ae942d84e9bc16f88be8271fc19c1d600aad6496f7db0acb03234798f5485b29803e3242ed2b8c

    • SSDEEP

      6144:gDCwfADCwfyDDCwfqDCwfyDDCwfaz6DCwfADCwfyDDCwfqDCwfyDDCwfazQ:g7A7yD7q7yD7az67A7yD7q7yD7azQ

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Modifies visiblity of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks