General

  • Target

    1688adc6cb34f91103572ddee2d82f00_NeikiAnalytics.exe

  • Size

    45KB

  • Sample

    240609-jktlcage56

  • MD5

    1688adc6cb34f91103572ddee2d82f00

  • SHA1

    f43c887572cd341090f991226a2be31fa9eac15e

  • SHA256

    cb5d2ab663260339e517a1cff9e84a4aa9f651046b606dc19bb96c69a7f9a9dc

  • SHA512

    7783f483f00546dce881f2673add3c7081ac8574c273c3e90022b04c9c541f195ee76a657696dc21a5865f2dcb210c09d86f50ed71094ad7f98926b8512fd6af

  • SSDEEP

    768:PmFQj8rM9whcqet8WfuzHVHFNNqDaG0XjqGoxhz/8szBnP7DFK+5nEW1:FAwEmBGz1lNNqDaG0Poxhlzme

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
