General

  • Target

    3a0076148a1cc1e744497b2e8102a9b0_NeikiAnalytics.exe

  • Size

    88KB

  • Sample

    240602-fgeq8sbf4w

  • MD5

    3a0076148a1cc1e744497b2e8102a9b0

  • SHA1

    0ec6a04f8d058359280109dff4ebf8f2cc67b570

  • SHA256

    3ca7c9f09dd180dd56e6ae734994195c93e5ae28294cac8e8931cafdc64b9631

  • SHA512

    62841dd19d23e301fae29429a8fd9ef8360431bde746d76ab82d36a5c1af5cb791fcf24441c8023d525ee65e58c963288d41fd78ce9fe50cabf190f38f6ae4a3

  • SSDEEP

    1536:ahUDofByDJWbMGcEFLPEPKOJUsy1+VMA:aIofBHbKMP0PvMA

Score
7/10

Malware Config

Targets

    • Target

      3a0076148a1cc1e744497b2e8102a9b0_NeikiAnalytics.exe

    • Size

      88KB

    • MD5

      3a0076148a1cc1e744497b2e8102a9b0

    • SHA1

      0ec6a04f8d058359280109dff4ebf8f2cc67b570

    • SHA256

      3ca7c9f09dd180dd56e6ae734994195c93e5ae28294cac8e8931cafdc64b9631

    • SHA512

      62841dd19d23e301fae29429a8fd9ef8360431bde746d76ab82d36a5c1af5cb791fcf24441c8023d525ee65e58c963288d41fd78ce9fe50cabf190f38f6ae4a3

    • SSDEEP

      1536:ahUDofByDJWbMGcEFLPEPKOJUsy1+VMA:aIofBHbKMP0PvMA

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks