General

  • Target

    9b466b132ca4cc7c2b74fb455f25aa70_NeikiAnalytics.exe

  • Size

    23KB

  • Sample

    240603-ewl87acd25

  • MD5

    9b466b132ca4cc7c2b74fb455f25aa70

  • SHA1

    ca548b4396442fbed312f9598ace2e544304b278

  • SHA256

    16b351680971c950b25c6e7d07a934ccac7eeddeeeed140e05b73b2f6ddf1345

  • SHA512

    d2b673a275ed64f3d8af035b88e022aebcd443942861dab6f0dc3409782a325bc3a511124f07b52ab5c2027eb46f3dff93a37a31f17e9cdf72675ba4dbaff59d

  • SSDEEP

    384:jIz4lOXRnvuxYrdyRnPR1aeXCYRKSxBKcilP2Y98h6gKvZ6BBslHR:jIUlOhnvuxNRn5VXfRLBmeMsT2x

Malware Config

Targets

    • Target

      9b466b132ca4cc7c2b74fb455f25aa70_NeikiAnalytics.exe

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks