General

  • Target

    701f0f6ff98ebef81268c74b2f2ce560_NeikiAnalytics.exe

  • Size

    47KB

  • Sample

    240613-laarlawfqk

  • MD5

    701f0f6ff98ebef81268c74b2f2ce560

  • SHA1

    a19b43a4754a839831fd626df9310f73a2753bc4

  • SHA256

    f76ecae0784f4ce82fca174fbeb46004063f90bf03d006c8611ffec8d5cbbc7c

  • SHA512

    ad2826687ae17775d43b986fa0e03e3ca974a36e02899a8ba2e4fc0d74b1d152344b8c7b8628f122847b8050a66adc9748b7c907ea94d5a4840e0802ca76d4b0

  • SSDEEP

    768:ua4r+PpHfXGLOnNh8noR+Dk6SLhmVGj3y6SLhmVGj3g:2r+Fuc5LhmkjC5Lhmkjw

Score
8/10
upx

Malware Config

Targets

    • Target

      701f0f6ff98ebef81268c74b2f2ce560_NeikiAnalytics.exe

    Score
    8/10
    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified UPX variant.

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks