Overview

overview

10

Static

static

3

67895a6fcf...cs.exe

windows7-x64

10

67895a6fcf...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    67895a6fcf70922260cdf0290efeb030_NeikiAnalytics.exe

  • Size

    77KB

  • Sample

    240618-3tq2cszane

  • MD5

    67895a6fcf70922260cdf0290efeb030

  • SHA1

    b871190ef2119d5019d863181da5e779f66ffd25

  • SHA256

    3ad542454cca84317040356ae6dbaf6f767907e285d466740afa1e174f1261be

  • SHA512

    db23ad4a945a2e3a5e94a887968aa7608c62769cf61c442c8f37e954907ed5a96e03bace2ab16d114e21e05520dec68bc50598f33703ad054118f0c1545517ac

  • SSDEEP

    1536:vCWDKUlsCZD1mh8txVQnlRIFYK4Ncp1wDLqH/:6hjTO/

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      67895a6fcf70922260cdf0290efeb030_NeikiAnalytics.exe

    • Size

      77KB

    • MD5

      67895a6fcf70922260cdf0290efeb030

    • SHA1

      b871190ef2119d5019d863181da5e779f66ffd25

    • SHA256

      3ad542454cca84317040356ae6dbaf6f767907e285d466740afa1e174f1261be

    • SHA512

      db23ad4a945a2e3a5e94a887968aa7608c62769cf61c442c8f37e954907ed5a96e03bace2ab16d114e21e05520dec68bc50598f33703ad054118f0c1545517ac

    • SSDEEP

      1536:vCWDKUlsCZD1mh8txVQnlRIFYK4Ncp1wDLqH/:6hjTO/

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks