General

  • Target

    3b5f4b83745a92ae503d587137f27b259e68a24e8b606a67553f588d6217764c_NeikiAnalytics.exe

  • Size

    732KB

  • Sample

    240627-cmbpzsxdka

  • MD5

    1e997e2884d9efd081c81c4afdfc74b0

  • SHA1

    c4d22928f3b4a7c39660aa3a9f176334bed6c205

  • SHA256

    3b5f4b83745a92ae503d587137f27b259e68a24e8b606a67553f588d6217764c

  • SHA512

    689fce448ac825dfa3f125ffb8201bf24508ecaa72f9c68d5677d97d6ca7a53707e4765d0c2362579654143766a1fae86b89677a9a935c8de46302eed97bde39

  • SSDEEP

    12288:VpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIXn/rb:nwAcu99lPzvxP+Bsz2XjWTRMQckkIXnz

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
