5b6e887af2f215862b907218469b8e2e8deebe37f7b3f89f31401b130a5389ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7ccc501a3d5910c36ef1ea89812f290_NeikiAnalytics
Size

280KB
Sample

240509-zpldjaeb4w
MD5

f7ccc501a3d5910c36ef1ea89812f290
SHA1

56cd2824b67d7a93d946530791b2bb9b9ea3a039
SHA256

5b6e887af2f215862b907218469b8e2e8deebe37f7b3f89f31401b130a5389ed
SHA512

14d4708bff00d897acba5354e3ec7d19dbf5c2f1d72b17d4bb8bb6557b704c69df40d96abee6d07469375faddaab0ec7be6135ad1b844c3db1cd4a8804f6a219
SSDEEP

6144:qazDM9QirIFzi/GOORjMmRUoooooooooooooooooooooooooy/G3:7zI9xrI5i//OVLCoooooooooooooooom

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f7ccc501a3d5910c36ef1ea89812f290_NeikiAnalytics
- Size
  
  280KB
- MD5
  
  f7ccc501a3d5910c36ef1ea89812f290
- SHA1
  
  56cd2824b67d7a93d946530791b2bb9b9ea3a039
- SHA256
  
  5b6e887af2f215862b907218469b8e2e8deebe37f7b3f89f31401b130a5389ed
- SHA512
  
  14d4708bff00d897acba5354e3ec7d19dbf5c2f1d72b17d4bb8bb6557b704c69df40d96abee6d07469375faddaab0ec7be6135ad1b844c3db1cd4a8804f6a219
- SSDEEP
  
  6144:qazDM9QirIFzi/GOORjMmRUoooooooooooooooooooooooooy/G3:7zI9xrI5i//OVLCoooooooooooooooom
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2