Overview

overview

10

Static

static

3

05421a3a7d...cs.exe

windows7-x64

10

05421a3a7d...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05421a3a7d61ef0172dfebaced7ae130_NeikiAnalytics.exe

  • Size

    9.5MB

  • Sample

    240603-1e6r6aag72

  • MD5

    05421a3a7d61ef0172dfebaced7ae130

  • SHA1

    2e770a098d720781e409379f118f26665b228312

  • SHA256

    478ce9d713b94900e8deef871499cac0bda4c7c75e31bae22186bed1a61dbc2b

  • SHA512

    34014d1b1688646392daf930c864bf3e4a45c974753a4cf1b0e29470402da3b9af8610789dd7add0358ea37420a96fdd47dc020684555a6d360a7e16549ebfa2

  • SSDEEP

    196608:gMmD2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mD4c2mDMmD2mDe2mDMO:3

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      05421a3a7d61ef0172dfebaced7ae130_NeikiAnalytics.exe

    • Size

      9.5MB

    • MD5

      05421a3a7d61ef0172dfebaced7ae130

    • SHA1

      2e770a098d720781e409379f118f26665b228312

    • SHA256

      478ce9d713b94900e8deef871499cac0bda4c7c75e31bae22186bed1a61dbc2b

    • SHA512

      34014d1b1688646392daf930c864bf3e4a45c974753a4cf1b0e29470402da3b9af8610789dd7add0358ea37420a96fdd47dc020684555a6d360a7e16549ebfa2

    • SSDEEP

      196608:gMmD2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mD4c2mDMmD2mDe2mDMO:3

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Adds policy Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks