General

  • Target

    4c29fc38a6eee0f6c67258f461f836d0_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240605-klygcsba9x

  • MD5

    4c29fc38a6eee0f6c67258f461f836d0

  • SHA1

    b44c07905f8c4c1eae72d1cff537e7109a3d9d4a

  • SHA256

    2b9a353e41202823310c0124a1b88dcc6ac43ddb57b4a1e8760a1106fc6040e2

  • SHA512

    f11e9f412e1051aa10d1d85de17055be55bd5524627db87e659e2afa28ccac6a8bad8f92e2fdc87bdb7cbf6596f9d25920b4e761c2ea6bfde89a83730e97fc62

  • SSDEEP

    1536:zAwEmBZ04faWmtN4nic+6GfyAwEmBZ04faWmtN4nic+6Gm:zGms4Eton0qGms4Eton0m

Score
10/10

Malware Config

Targets

    • Target

      4c29fc38a6eee0f6c67258f461f836d0_NeikiAnalytics.exe

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks