General

  • Target

    037c2e9fff6289a0246ff287ca80484f02fff6a77b175793d3df0490217abafb_NeikiAnalytics.exe

  • Size

    45KB

  • Sample

    240623-sjhbcsvhla

  • MD5

    767ef8634350ec4b48a83e5067f53a60

  • SHA1

    061e4e227e3198340561570971261a8595e348c7

  • SHA256

    037c2e9fff6289a0246ff287ca80484f02fff6a77b175793d3df0490217abafb

  • SHA512

    f83ed684a58732e078ccc95223ee936bd4274e08435765e34a972f8710c88f51aade3d676695ae9ef256840f8be488978a00a2aa04bf7b0cb2aa3cc78065abd2

  • SSDEEP

    768:ahP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2f:WsWE9N5dFu53dsniQaB/xZ14n7zIF+qr

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence

    T1547: Boot or Logon Autostart Execution (1)
    T1547.001: Registry Run Keys / Startup Folder (1)

  • Privilege Escalation

    T1547: Boot or Logon Autostart Execution (1)
    T1547.001: Registry Run Keys / Startup Folder (1)

  • Defense Evasion

    T1112: Modify Registry (1)
