General
-
Target
731c62a6d58d1e6e241223aac7e8944953dfc455f49d5d52c76fe190aa5a79e9_NeikiAnalytics.exe
-
Size
4.8MB
-
Sample
240622-ar1hsssamn
-
MD5
818fdf6427bd80cda82b12b7e6058240
-
SHA1
341f2b36dc1a23312534dff236cbaa6b66f05703
-
SHA256
731c62a6d58d1e6e241223aac7e8944953dfc455f49d5d52c76fe190aa5a79e9
-
SHA512
90e0720c9317500522eb98b2510f1ab2ad4b2358342f9a62c374f4a3ced88d62ba74ac8f4e7ccb7d66da028db49ef15878e3ac2b00d69704506838c2ed42c7f3
-
SSDEEP
49152:6Hyjtk2MYC5GDKHyjtk2MYC5GDXB9N7nwvZQbh1lMg8h9f/47/nOn9:6mtk2azmtk2aaRwOPagU9InOn9
Behavioral task
behavioral1
Sample
731c62a6d58d1e6e241223aac7e8944953dfc455f49d5d52c76fe190aa5a79e9_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
731c62a6d58d1e6e241223aac7e8944953dfc455f49d5d52c76fe190aa5a79e9_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
731c62a6d58d1e6e241223aac7e8944953dfc455f49d5d52c76fe190aa5a79e9_NeikiAnalytics.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Event Triggered Execution: 1
Change Default File Association: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1