General
-
Target
4ebfcf86e901879e08d6c210bc28b070_NeikiAnalytics.exe
-
Size
2.6MB
-
Sample
240605-lq8cssda99
-
MD5
4ebfcf86e901879e08d6c210bc28b070
-
SHA1
4807a2888a11b33c86a6cb7451a353acd9769d52
-
SHA256
84b28986a190cf67f3f370b762d25ac38258b1d87b5da66135cf8dd7f5f276c8
-
SHA512
447e501411bb1a75dd152f28a64950ed6ee609b213b4a4489a1b45ceb5c61db64885a3e23eebacdacf565b594135300e85ee88d19b5e977f4d73787541067638
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/M:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/M
Static task
static1
Behavioral task
behavioral1
Sample
4ebfcf86e901879e08d6c210bc28b070_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4ebfcf86e901879e08d6c210bc28b070_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
4ebfcf86e901879e08d6c210bc28b070_NeikiAnalytics.exe
-
Size
2.6MB
-
MD5
4ebfcf86e901879e08d6c210bc28b070
-
SHA1
4807a2888a11b33c86a6cb7451a353acd9769d52
-
SHA256
84b28986a190cf67f3f370b762d25ac38258b1d87b5da66135cf8dd7f5f276c8
-
SHA512
447e501411bb1a75dd152f28a64950ed6ee609b213b4a4489a1b45ceb5c61db64885a3e23eebacdacf565b594135300e85ee88d19b5e977f4d73787541067638
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/M:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/M
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1