General

  • Target

    6bbbe8ef0763a7e3cf6ac2c09ff8ffa0_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240613-j2fqtavapl

  • MD5

    6bbbe8ef0763a7e3cf6ac2c09ff8ffa0

  • SHA1

    0c6d4e22575185519c3d200b1dd7d9952e16c8f8

  • SHA256

    e0f8a4ee0eb0891e7c5c3b3977c960eac98b48c4c790c76f3b4cedcc8a94464a

  • SHA512

    e6689d00ee20ab09a5b75c20e1a311bcc906fd084a6ac74af9938db6223153327acfab48d969529d9553f1dff797a50a31fd2f1a23270f7ac49c3cd56f502272

  • SSDEEP

    3072:i5SVkkgUWib1UC7AdYzrV+Dljy/32ubwZZqJ:pUquCkdYzrVolu/J0ZZ

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
