Overview

overview

10

Static

static

3

989ffd12e9...cs.exe

windows7-x64

10

989ffd12e9...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    989ffd12e9a98091531b723fcf8c9c70_NeikiAnalytics

  • Size

    211KB

  • Sample

    240511-hrb47seg58

  • MD5

    989ffd12e9a98091531b723fcf8c9c70

  • SHA1

    89cf2cf42d4b4185b2aeb86c17120ccd65b6f8ff

  • SHA256

    e4f07e89324316124af072ee7b86d6415e49220ea4529f207c97adda2d24f8a7

  • SHA512

    229e4519add50bcb764448e1d1eed8835e573f3a342967c809e811ccdc3a174eaff9f7e5967521dccb00d05643cab197c3b9e79738b4711515fa01383e26e27d

  • SSDEEP

    3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1FqnB:b1iNKQxENHLfMgw7y9Zr6

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      989ffd12e9a98091531b723fcf8c9c70_NeikiAnalytics

    • Size

      211KB

    • MD5

      989ffd12e9a98091531b723fcf8c9c70

    • SHA1

      89cf2cf42d4b4185b2aeb86c17120ccd65b6f8ff

    • SHA256

      e4f07e89324316124af072ee7b86d6415e49220ea4529f207c97adda2d24f8a7

    • SHA512

      229e4519add50bcb764448e1d1eed8835e573f3a342967c809e811ccdc3a174eaff9f7e5967521dccb00d05643cab197c3b9e79738b4711515fa01383e26e27d

    • SSDEEP

      3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1FqnB:b1iNKQxENHLfMgw7y9Zr6

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks