General
Target: 44fb09efceb3e81150181ad3ecbeed20_NeikiAnalytics.exe
Size: 23KB
Sample: 240618-pl6j7axepp
MD5: 44fb09efceb3e81150181ad3ecbeed20
SHA1: 512d19f550c4115e05b4255ac773f0c2189154e4
SHA256: 4fcd6f2fc384fccc0040ad53e9c7b53ad99f00307f048c78a89dfac7edc08501
SHA512: 69d1e2a3b18dcd9d8d4a901aac098caaefdddc2ed40a63aaaa94e4ac1a86d7fe5ced69c964f974410079e2d91deea13fdf54cbdba89e4c3ae952aea1902916d3
SSDEEP: 384:eoWtkEwn65rgjAsGipk55D16xgXakhbZD0mRvR6JZlbw8hqIusZzZIC:R7O89p2rRpcnug
Behavioral task: behavioral1
Sample: 44fb09efceb3e81150181ad3ecbeed20_NeikiAnalytics.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 44fb09efceb3e81150181ad3ecbeed20_NeikiAnalytics.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
njrat
0.7d
HacKed
10.10.1.11:5552
7657c14284185fbd3fb108b43c7467ba
reg_key: 7657c14284185fbd3fb108b43c7467ba
splitter: |'|'|
Targets
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
  Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
  Netsh Helper DLL (1)