General
-
Target
8ee984648fe86a133e4af6529b88e560_NeikiAnalytics.exe
-
Size
2.4MB
-
Sample
240601-fy2x4abg48
-
MD5
8ee984648fe86a133e4af6529b88e560
-
SHA1
3e724048ed38075daa92d5106aff9befc1c20b51
-
SHA256
34e483aef77327ad2279e2f06564f832bfa2e44aaafe27b630351ad8b94a9b6d
-
SHA512
3b4ba9527abc6744cf210ffdf9cb98af4e31c865ffb94b446195fbfa00d23a4d4de8381b7572651774868e2673bfdde5e19e68fd417f717490582a08d537dac1
-
SSDEEP
49152:5Ko2gzhGqxIaWeSkKkAQOQ1y7GklXRYxxTttMs+xyPFRwGJnunLp9u0XsA5cl+6L:I+zhGqx3WeSkKkAQOQ1y7PlXRYxxTttN
Behavioral task
behavioral1
Sample
8ee984648fe86a133e4af6529b88e560_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8ee984648fe86a133e4af6529b88e560_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
8ee984648fe86a133e4af6529b88e560_NeikiAnalytics.exe
-
Size
2.4MB
-
MD5
8ee984648fe86a133e4af6529b88e560
-
SHA1
3e724048ed38075daa92d5106aff9befc1c20b51
-
SHA256
34e483aef77327ad2279e2f06564f832bfa2e44aaafe27b630351ad8b94a9b6d
-
SHA512
3b4ba9527abc6744cf210ffdf9cb98af4e31c865ffb94b446195fbfa00d23a4d4de8381b7572651774868e2673bfdde5e19e68fd417f717490582a08d537dac1
-
SSDEEP
49152:5Ko2gzhGqxIaWeSkKkAQOQ1y7GklXRYxxTttMs+xyPFRwGJnunLp9u0XsA5cl+6L:I+zhGqx3WeSkKkAQOQ1y7PlXRYxxTttN
Score10/10-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1