022fb377a830dd76646dc0ddbda4891974133dc3b07a910611cb6faa57fc78d2 | Triage

Sharing

General

Target

d486a4809893a5104dac62ac48f99590_NeikiAnalytics
Size

824KB
Sample

240510-nsqlwafe65
MD5

d486a4809893a5104dac62ac48f99590
SHA1

41d612237c2eb1a6be62ccc2f310b473e5facc46
SHA256

022fb377a830dd76646dc0ddbda4891974133dc3b07a910611cb6faa57fc78d2
SHA512

74e750f781c2f3c674940dff9375b7337192af42c3df8845ac252081a1699095ac424400bbd96964d0e411d7f271dcf0f952cc57a798088db98fe7bf304add4a
SSDEEP

12288:FwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEk888888888888W8888888J:pNzCtUpQ9WWPBSSRMTEpXN2

Score

7^/10

Malware Config

Targets

- Target
  
  d486a4809893a5104dac62ac48f99590_NeikiAnalytics
- Size
  
  824KB
- MD5
  
  d486a4809893a5104dac62ac48f99590
- SHA1
  
  41d612237c2eb1a6be62ccc2f310b473e5facc46
- SHA256
  
  022fb377a830dd76646dc0ddbda4891974133dc3b07a910611cb6faa57fc78d2
- SHA512
  
  74e750f781c2f3c674940dff9375b7337192af42c3df8845ac252081a1699095ac424400bbd96964d0e411d7f271dcf0f952cc57a798088db98fe7bf304add4a
- SSDEEP
  
  12288:FwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEk888888888888W8888888J:pNzCtUpQ9WWPBSSRMTEpXN2
Score

7^/10
- Drops startup file
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2