9621f4a0a128829e4e1f93f1a76fb6002563f1a33554373d96c30ab32644c124 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

179d4cb1fda6e40737e62c227e05b000_NeikiAnalytics
Size

159KB
Sample

240509-2xv9tabf8s
MD5

179d4cb1fda6e40737e62c227e05b000
SHA1

d0b31db2ccdfbf67d3b42fcf40dc5d81e576ac76
SHA256

9621f4a0a128829e4e1f93f1a76fb6002563f1a33554373d96c30ab32644c124
SHA512

b8a403f9d0cc0283b4400c15633d7ca844bfcd0a1942501ac0fc30499c0d169c5185fba4358a5bdfd2591ef8e55008a4a64c3042b73fd2143835993712605ec3
SSDEEP

3072:wncbeOhJuaoC4wIkFbwf1nFzwSAJB8FgBY5nd/M9dA:w2RhJuK4w7O1n6xJmPM9dA

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  179d4cb1fda6e40737e62c227e05b000_NeikiAnalytics
- Size
  
  159KB
- MD5
  
  179d4cb1fda6e40737e62c227e05b000
- SHA1
  
  d0b31db2ccdfbf67d3b42fcf40dc5d81e576ac76
- SHA256
  
  9621f4a0a128829e4e1f93f1a76fb6002563f1a33554373d96c30ab32644c124
- SHA512
  
  b8a403f9d0cc0283b4400c15633d7ca844bfcd0a1942501ac0fc30499c0d169c5185fba4358a5bdfd2591ef8e55008a4a64c3042b73fd2143835993712605ec3
- SSDEEP
  
  3072:wncbeOhJuaoC4wIkFbwf1nFzwSAJB8FgBY5nd/M9dA:w2RhJuK4w7O1n6xJmPM9dA
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2