General

  • Target

    4ebfcf86e901879e08d6c210bc28b070_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240605-lq8cssda99

  • MD5

    4ebfcf86e901879e08d6c210bc28b070

  • SHA1

    4807a2888a11b33c86a6cb7451a353acd9769d52

  • SHA256

    84b28986a190cf67f3f370b762d25ac38258b1d87b5da66135cf8dd7f5f276c8

  • SHA512

    447e501411bb1a75dd152f28a64950ed6ee609b213b4a4489a1b45ceb5c61db64885a3e23eebacdacf565b594135300e85ee88d19b5e977f4d73787541067638

  • SSDEEP

    49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/M:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/M

Score
10/10

Targets

    • Target

      4ebfcf86e901879e08d6c210bc28b070_NeikiAnalytics.exe

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
