General

  • Target

    a5836bf007a4b83c124b407e5f1a5610_NeikiAnalytics.exe

  • Size

    4.9MB

  • Sample

    240614-f5z23szhpn

  • MD5

    a5836bf007a4b83c124b407e5f1a5610

  • SHA1

    3e0c92d3d0ebb615e7a8adcf47aee59c1f01edb4

  • SHA256

    55f48c596cce8326399aedbcbc039d411eebb1530b76f915acca66bf1b80308f

  • SHA512

    8d66aaae7a86d4786e9c710bf51f9fc03ba8f933a457730ab2f80ec3386cc945932d5698b3c37bca167e4f448bed99076019c80fddd217bb2f4dd4bf1af1d6dc

  • SSDEEP

    98304:g6c2mDMmD2mDrc2mDMmD2mD56c2mDMmD2mDrc2mDMmD2mD6:g6c2mDMmD2mDrc2mDMmD2mD56c2mDMmF

Score
10/10

Targets

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
