Overview

overview

10

Static

static

3

8ccba27524...cs.exe

windows7-x64

10

8ccba27524...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ccba27524702aa439f9d96a4839e880_NeikiAnalytics.exe

  • Size

    399KB

  • Sample

    240523-z8pv3ahb74

  • MD5

    8ccba27524702aa439f9d96a4839e880

  • SHA1

    b04931256c2c29ba90187f690abc0650f0296c67

  • SHA256

    1240f84ae11b51ca9766ec2a76bae948617057743ffa65b9cfb180bd25e8e7e5

  • SHA512

    3c3c02ceca4b8f772e3e1ee4cfb63bc28b13abe71e83aa9b0c59de368218f4a095c19ce1e94e8da0e4b5ed174419f8452b264a1f13c9a1a5a769e4849cb6bc43

  • SSDEEP

    6144:GY9C8QyNrFwMvv4ZQ5lV8TDk9F1vtANCX2G8NTW5za8DkAd44y:GAfOMgQ5luq2GE

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      8ccba27524702aa439f9d96a4839e880_NeikiAnalytics.exe

    • Size

      399KB

    • MD5

      8ccba27524702aa439f9d96a4839e880

    • SHA1

      b04931256c2c29ba90187f690abc0650f0296c67

    • SHA256

      1240f84ae11b51ca9766ec2a76bae948617057743ffa65b9cfb180bd25e8e7e5

    • SHA512

      3c3c02ceca4b8f772e3e1ee4cfb63bc28b13abe71e83aa9b0c59de368218f4a095c19ce1e94e8da0e4b5ed174419f8452b264a1f13c9a1a5a769e4849cb6bc43

    • SSDEEP

      6144:GY9C8QyNrFwMvv4ZQ5lV8TDk9F1vtANCX2G8NTW5za8DkAd44y:GAfOMgQ5luq2GE

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks