0af5d6edc2b371856bbb3eb31146c044f41b66fa8be09d39ef4449978c7902cc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6eb1afe79852a79ccbfe35bf0c928c30_NeikiAnalytics
Size

318KB
Sample

240509-smbyrabc56
MD5

6eb1afe79852a79ccbfe35bf0c928c30
SHA1

3a4ecfc18792c78879d5522d9ccb63d4cdec0b8b
SHA256

0af5d6edc2b371856bbb3eb31146c044f41b66fa8be09d39ef4449978c7902cc
SHA512

2c72bf83ed0906021753a644c91b2917d5863de41ed3683f7228b6d0ca429e251bd7841c73b04af7e77d406ddcf052a0de25e40a8c144294d1d70c5c2ecd8a4a
SSDEEP

6144:J2VOrdBjzfRVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:kmjDO4wFHoS04wFHoSrZx8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6eb1afe79852a79ccbfe35bf0c928c30_NeikiAnalytics
- Size
  
  318KB
- MD5
  
  6eb1afe79852a79ccbfe35bf0c928c30
- SHA1
  
  3a4ecfc18792c78879d5522d9ccb63d4cdec0b8b
- SHA256
  
  0af5d6edc2b371856bbb3eb31146c044f41b66fa8be09d39ef4449978c7902cc
- SHA512
  
  2c72bf83ed0906021753a644c91b2917d5863de41ed3683f7228b6d0ca429e251bd7841c73b04af7e77d406ddcf052a0de25e40a8c144294d1d70c5c2ecd8a4a
- SSDEEP
  
  6144:J2VOrdBjzfRVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:kmjDO4wFHoS04wFHoSrZx8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2