baab629f24a816e5653fb8cbdeaa4dd036737189aa41001ae830b3f0bfd922c4 | Triage

Sharing

General

Target

19710b472639020cb70403c26dc0bcf0_NeikiAnalytics
Size

487KB
Sample

240510-19zmbsfh55
MD5

19710b472639020cb70403c26dc0bcf0
SHA1

4df4120008c1fa3455f499e10e7a36f03ee59d7f
SHA256

baab629f24a816e5653fb8cbdeaa4dd036737189aa41001ae830b3f0bfd922c4
SHA512

1f737ca4e92c0f0733ab6af7450721f243debd0e57f024db03032e40ede441265ba8a683fba92d816139a8c1121e9f6147724e135c99a9ed5bf059c575c91737
SSDEEP

6144:ySZ3Hd3KbubsAAGbr///NR5f7DM2y/JAQ///NR5fLYG3eujPQ///NR5f:ySZt3Ao7/NzDMTx/NcZ7/N

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  19710b472639020cb70403c26dc0bcf0_NeikiAnalytics
- Size
  
  487KB
- MD5
  
  19710b472639020cb70403c26dc0bcf0
- SHA1
  
  4df4120008c1fa3455f499e10e7a36f03ee59d7f
- SHA256
  
  baab629f24a816e5653fb8cbdeaa4dd036737189aa41001ae830b3f0bfd922c4
- SHA512
  
  1f737ca4e92c0f0733ab6af7450721f243debd0e57f024db03032e40ede441265ba8a683fba92d816139a8c1121e9f6147724e135c99a9ed5bf059c575c91737
- SSDEEP
  
  6144:ySZ3Hd3KbubsAAGbr///NR5f7DM2y/JAQ///NR5fLYG3eujPQ///NR5f:ySZt3Ao7/NzDMTx/NcZ7/N
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2