General

  • Target

    5477a3199ee7a60a9c06ab5788a3c900_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240613-b6qgtazdlc

  • MD5

    5477a3199ee7a60a9c06ab5788a3c900

  • SHA1

    20ffb08905b2c8b4ba1dc09cd7a1b4919c70b148

  • SHA256

    1ff16a8962f2ffed7bb1515a9253bcf52f9f9ea59745492d5ee5d8812b086e04

  • SHA512

    164b7713bc2fda766f150fad28b0d978c8aed0a2f89bcf076734b0ff4df897768cd02fe041b721c8b8f5d2d63a2a81b87b2caba829987932d359b881f81b339a

  • SSDEEP

    1536:XRsjdLaslqdBXvTUL0Hnouy8VjrRsjdLaslqdBXvTUL0Hnouy8VjH:XOJKqsout9rOJKqsout9H

Score
10/10

Targets

    • Target

      5477a3199ee7a60a9c06ab5788a3c900_NeikiAnalytics.exe

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
