General

  • Target

    902884ed2a763571b49e228a8ab256f0_NeikiAnalytics.exe

  • Size

    64KB

  • Sample

    240601-gst6qscc2t

  • MD5

    902884ed2a763571b49e228a8ab256f0

  • SHA1

    c2942748edc8fd422a5f1f0ee4d1a11463237fa6

  • SHA256

    a44fa755fe8df337dc1f29e1a3563ab2f5cd753902d9726b3ae649164986d50e

  • SHA512

    db211c294355f32f6bca40dfad9620b82dc5f00096fdf8f13c3acd9edb3d9c116f57c91a74e3279d4654986760c15b7cb5c6de2ea6fa5fa94f755ecc9c2efad8

  • SSDEEP

    768:rAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGKQLddOW/O4Wv904jF:sUNHFKQbIkHvGMdOh4004p

Targets

    • Target

      902884ed2a763571b49e228a8ab256f0_NeikiAnalytics.exe

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
