General
-
Target
323e3c649b1914c9bbc380ea16b970df35c9b1723ea7d903912c4f1f3a7dbdab_NeikiAnalytics.exe
-
Size
2.5MB
-
Sample
240701-d2pe3ayblj
-
MD5
048b14e9e5ada2a0f077d830af4383e0
-
SHA1
228ae4e627d700db79c8b866c00c6818564ea3d2
-
SHA256
323e3c649b1914c9bbc380ea16b970df35c9b1723ea7d903912c4f1f3a7dbdab
-
SHA512
c6755f9836a68f465418451a20d606e6f1819b3871b2b663bd84481f114b5bdf2cc1ed905b523ff27421147e9d3f40c5e6c45b2e6a3b5be8b1696ecb4e7ad775
-
SSDEEP
49152:sf4a+2CTAF1ja2hrkJ0UXeFvcpnIUsLgLfjnWspdwnicE6LvPpeGP/UOLpOYC9:m+bAjhhrkaUXeFvcE+fKYihEeomLpOH9
Static task
static1
Behavioral task
behavioral1
Sample
323e3c649b1914c9bbc380ea16b970df35c9b1723ea7d903912c4f1f3a7dbdab_NeikiAnalytics.exe
Resource
win7-20240611-en
Malware Config
Targets
-
XMRig Miner payload
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-