General

  • Target

    9bccf2661d8cba99d3b07dfdbce1bcd0_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240603-e8zp2sbf5w

  • MD5

    9bccf2661d8cba99d3b07dfdbce1bcd0

  • SHA1

    1bde34be4e86ba91e32a44ab9598950895a081d1

  • SHA256

    cd0e51ba7193321712a8052927061bc54d88be46e0fb94b10c29f4d4f61f214e

  • SHA512

    48e42bc8c8689c605115eb65187fd321ef842a077555257115ec24df75d1f1b2631ef0850c123f2d61f6307a83879327d5ac51f3c6596ed011e5300bca04e16d

  • SSDEEP

    768:E3gRYjXbUeHORIC4ZxBMldNKm8Mxm8I+IxrjPfAQ4o3ImuZf3gRYjXbUeHORIC4q:uT3OA3+KQsxfS40T3OA3+KQsxfS45W

Score
10/10

Malware Config

Targets

    • Target

      9bccf2661d8cba99d3b07dfdbce1bcd0_NeikiAnalytics.exe

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
