General
-
Target
20e94e4db92261f763df2f327fbe1500ffb8e9f0a9fc5aa4d22e391739006c30_NeikiAnalytics.exe
-
Size
159KB
-
Sample
240621-abss1sxcrq
-
MD5
a6175afd020bca03c21f40c68e6f6c00
-
SHA1
d10613895346d1fee033688c7fee97ffbc5b7cc4
-
SHA256
20e94e4db92261f763df2f327fbe1500ffb8e9f0a9fc5aa4d22e391739006c30
-
SHA512
7af679e41f1324e7b83436e3085d5cadde9635abed9f7032ca880a0baa74b89d69b076911c6fbc8eecfa04828b0b706f955ec71f67039ef59e11102b8910009f
-
SSDEEP
1536:JxqjQ+P04wsmJC5D5WK1qlfFd5eeeeeeeeWeeeeeju3Mz8HjuhhzLcL7WX718DVL:sr85C51zqlfFjVwH0pL2yL6Lr85C
Behavioral task
behavioral1
Sample
20e94e4db92261f763df2f327fbe1500ffb8e9f0a9fc5aa4d22e391739006c30_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Detect Neshta payload
-
Modifies security service
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Phorphiex payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Change Default File Association: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1