afd7a9661b7bc810104a5def987cfde57ae8c7b5e5c6beb195603d2b54a5e7a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca93e31077fb65ffc6078d2137c23fa0_NeikiAnalytics
Size

130KB
Sample

240510-m2l5daad81
MD5

ca93e31077fb65ffc6078d2137c23fa0
SHA1

85cc25dc7c3964cf3b9bd6eca7703e43b906ca5a
SHA256

afd7a9661b7bc810104a5def987cfde57ae8c7b5e5c6beb195603d2b54a5e7a9
SHA512

9e2e987d5cb199edad257cb0567c5f5a3a64fe6ada14bcce13b88eff2f3ac8b83312bb989833b7c81fc39a448194291aa77a567abfe3987f87cce3cdcb8ca286
SSDEEP

1536:lsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtX2akS13:rqoCl/YgjxEufVU0TbTyDDal2703

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ca93e31077fb65ffc6078d2137c23fa0_NeikiAnalytics
- Size
  
  130KB
- MD5
  
  ca93e31077fb65ffc6078d2137c23fa0
- SHA1
  
  85cc25dc7c3964cf3b9bd6eca7703e43b906ca5a
- SHA256
  
  afd7a9661b7bc810104a5def987cfde57ae8c7b5e5c6beb195603d2b54a5e7a9
- SHA512
  
  9e2e987d5cb199edad257cb0567c5f5a3a64fe6ada14bcce13b88eff2f3ac8b83312bb989833b7c81fc39a448194291aa77a567abfe3987f87cce3cdcb8ca286
- SSDEEP
  
  1536:lsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtX2akS13:rqoCl/YgjxEufVU0TbTyDDal2703
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence