General

  • Target

    9f712f9dd6c4a8f9d41c7fb90553fd30_NeikiAnalytics.exe

  • Size

    24KB

  • Sample

    240603-hrmkyafe5v

  • MD5

    9f712f9dd6c4a8f9d41c7fb90553fd30

  • SHA1

    793a0e11dc09e2e494f0b0fb5d743f66da33d45d

  • SHA256

    d50170f8d474ecb31542fe34e8133931018c848f01c48c112f374ea63451f318

  • SHA512

    fa1129e3afbf739a5afdba873e84224b95833050c6201ba9d135b487307c2c38ca224294bf319f327dea6c559b6482e0df2f2618cecea15c0d6c1e5d7642b7b6

  • SSDEEP

    384:jIz4RzfVzXQnpFurRW+ntZHu6sJuDwSXgqD5jbFTsTvIaPSFAdN:jIURpzAp+RFtNvGuDwMWvIan

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
