General

  • Target

    98a30cba52f9ef4f2f7dc5fdc9279520_NeikiAnalytics.exe

  • Size

    2.5MB

  • Sample

    240603-c7ra6sge3y

  • MD5

    98a30cba52f9ef4f2f7dc5fdc9279520

  • SHA1

    f08dbcf4f55d412ad248ef3ddb1b4487a6a8881e

  • SHA256

    b74d48457f96b17023df84bd506b2e113b67ca0509871aaf2702bf4db06e4177

  • SHA512

    53443e626e2fc2c715e1dcb8eb8c6f901a0019716782c5db60f6afc57d8be02fdb57e4b049df41c564be3b89966536ffcbc150377d79b51eb7e94ead80d2be36

  • SSDEEP

    49152:9XRMCdtrFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdYP+B0eyGE/vnCXIu:xRn4muQ5noc0wBVtqAYpY2IVni

Malware Config

Targets

    • Target

      98a30cba52f9ef4f2f7dc5fdc9279520_NeikiAnalytics.exe

    • Size

      2.5MB

    • MD5

      98a30cba52f9ef4f2f7dc5fdc9279520

    • SHA1

      f08dbcf4f55d412ad248ef3ddb1b4487a6a8881e

    • SHA256

      b74d48457f96b17023df84bd506b2e113b67ca0509871aaf2702bf4db06e4177

    • SHA512

      53443e626e2fc2c715e1dcb8eb8c6f901a0019716782c5db60f6afc57d8be02fdb57e4b049df41c564be3b89966536ffcbc150377d79b51eb7e94ead80d2be36

    • SSDEEP

      49152:9XRMCdtrFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdYP+B0eyGE/vnCXIu:xRn4muQ5noc0wBVtqAYpY2IVni

    • UAC bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks