4675a9e9e4b093934b14354495676e460886086f8235e25f8d2c90f227d4e8a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8218070ad49b1eaef81351bd03b2910_NeikiAnalytics
Size

391KB
Sample

240511-ka6nlabd63
MD5

a8218070ad49b1eaef81351bd03b2910
SHA1

da79fc1463bd158c21a6fbf1e112be17f83cf195
SHA256

4675a9e9e4b093934b14354495676e460886086f8235e25f8d2c90f227d4e8a3
SHA512

e28fc71d0c44455332b98621c5fa80d972826cb30746d888953a3ca0c1073726748c30dd1f779177336fe7e463fb2a82cb49d22d0ae9141b05c86154d4c14de5
SSDEEP

6144:HU9TPqqhWla7gaAfbAfNtTAfMAfFAfNPUmKyIxLfYeOO9UmKyIxL:09LqqhaagmNtuhUNP3cOK3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a8218070ad49b1eaef81351bd03b2910_NeikiAnalytics
- Size
  
  391KB
- MD5
  
  a8218070ad49b1eaef81351bd03b2910
- SHA1
  
  da79fc1463bd158c21a6fbf1e112be17f83cf195
- SHA256
  
  4675a9e9e4b093934b14354495676e460886086f8235e25f8d2c90f227d4e8a3
- SHA512
  
  e28fc71d0c44455332b98621c5fa80d972826cb30746d888953a3ca0c1073726748c30dd1f779177336fe7e463fb2a82cb49d22d0ae9141b05c86154d4c14de5
- SSDEEP
  
  6144:HU9TPqqhWla7gaAfbAfNtTAfMAfFAfNPUmKyIxLfYeOO9UmKyIxL:09LqqhaagmNtuhUNP3cOK3
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2