638a986982d63c68d6b82c885ec565164eb8c12d82a6e48db1de200858963fba | Triage

Sharing

General

Target

661d00e1dabffbf922ce29544c1c4760_NeikiAnalytics
Size

741KB
Sample

240509-r8fcmafd2z
MD5

661d00e1dabffbf922ce29544c1c4760
SHA1

eccec63f4fd0153b555f2e19734595c97f213881
SHA256

638a986982d63c68d6b82c885ec565164eb8c12d82a6e48db1de200858963fba
SHA512

c927cfd89e110f0731f3242d3c091c60b4a1ebc9efce774d1dd0196dd8f11b5034722fea04e3363ba12121e598fe0c5421ecf37e4d1f00c2a727d03752611d2e
SSDEEP

12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1FA:lIt4kt0Kd6F6CNzYhUiEWEYcwY

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  661d00e1dabffbf922ce29544c1c4760_NeikiAnalytics
- Size
  
  741KB
- MD5
  
  661d00e1dabffbf922ce29544c1c4760
- SHA1
  
  eccec63f4fd0153b555f2e19734595c97f213881
- SHA256
  
  638a986982d63c68d6b82c885ec565164eb8c12d82a6e48db1de200858963fba
- SHA512
  
  c927cfd89e110f0731f3242d3c091c60b4a1ebc9efce774d1dd0196dd8f11b5034722fea04e3363ba12121e598fe0c5421ecf37e4d1f00c2a727d03752611d2e
- SSDEEP
  
  12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1FA:lIt4kt0Kd6F6CNzYhUiEWEYcwY
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence