General

  • Target

    8ee984648fe86a133e4af6529b88e560_NeikiAnalytics.exe

  • Size

    2.4MB

  • Sample

    240601-fy2x4abg48

  • MD5

    8ee984648fe86a133e4af6529b88e560

  • SHA1

    3e724048ed38075daa92d5106aff9befc1c20b51

  • SHA256

    34e483aef77327ad2279e2f06564f832bfa2e44aaafe27b630351ad8b94a9b6d

  • SHA512

    3b4ba9527abc6744cf210ffdf9cb98af4e31c865ffb94b446195fbfa00d23a4d4de8381b7572651774868e2673bfdde5e19e68fd417f717490582a08d537dac1

  • SSDEEP

    49152:5Ko2gzhGqxIaWeSkKkAQOQ1y7GklXRYxxTttMs+xyPFRwGJnunLp9u0XsA5cl+6L:I+zhGqx3WeSkKkAQOQ1y7PlXRYxxTttN

Score
10/10

Malware Config

Targets

    • Target

      8ee984648fe86a133e4af6529b88e560_NeikiAnalytics.exe

    Score
    10/10
    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
