General

  • Target

    2819ea66eacdd2fa6d5abef09a8bcd10_NeikiAnalytics.exe

  • Size

    2.7MB

  • Sample

    240612-jbnczavalb

  • MD5

    2819ea66eacdd2fa6d5abef09a8bcd10

  • SHA1

    c2c07044a9a3f06aa3cee07c577f709a6bea2d4c

  • SHA256

    f10aa72bab8f0d0d895a34b207d62099ddc863c80cdf10688db7ac5c6c7ba4d2

  • SHA512

    fe191b8806499ecb1d3aa193681f935911bf55072d595cb656ab4f50b509077fea6eaf0a7d3c29f6c7d94836818bf537d9ea1708f5a95e3bdb202a1c867832bb

  • SSDEEP

    49152:QA4GxJ0r4i4zQwmGmgetbQG5pXWVg9tq2Kqjgyi79nb3Ug5G2Pju1yg7JWdLp:tIrR4zQ/gKbQ45870gzRdAlM

Score
7/10

Malware Config

Targets

    • Target

      2819ea66eacdd2fa6d5abef09a8bcd10_NeikiAnalytics.exe

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Pre-OS Boot (T1542): 1

    • Bootkit (T1542.003): 1

Defense Evasion

  • Pre-OS Boot (T1542): 1

    • Bootkit (T1542.003): 1

  • Modify Registry (T1112): 1

Discovery

  • Software Discovery (T1518): 1

    • Security Software Discovery (T1518.001): 1

  • System Information Discovery (T1082): 1

Tasks