6df95eda44b50d472ff4101d63d8d3e37752e60a8c531abb89bba34931ba9ed5 | Triage

Sharing

General

Target

2c24611a2a60a3223de5ca736e420c80_NeikiAnalytics
Size

256KB
Sample

240511-xqksaacf9z
MD5

2c24611a2a60a3223de5ca736e420c80
SHA1

1eaa7d806d5719b4b4c15ded29cf470e5042e6f8
SHA256

6df95eda44b50d472ff4101d63d8d3e37752e60a8c531abb89bba34931ba9ed5
SHA512

03f338e42b9229e663f5e0ba7e511d9eabad1b4ede9ccb6dd1a7a5719a0142428c4cdd4071a723858a7d1de4b64a9ead5eaf17f69f0b6f5eab28aadee605a928
SSDEEP

6144:IeldtIvlnZV4U/vlf0DrBqvl8ZV4U/vlfl+9X:TlrIvD6IveDVqvQ6Ivk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2c24611a2a60a3223de5ca736e420c80_NeikiAnalytics
- Size
  
  256KB
- MD5
  
  2c24611a2a60a3223de5ca736e420c80
- SHA1
  
  1eaa7d806d5719b4b4c15ded29cf470e5042e6f8
- SHA256
  
  6df95eda44b50d472ff4101d63d8d3e37752e60a8c531abb89bba34931ba9ed5
- SHA512
  
  03f338e42b9229e663f5e0ba7e511d9eabad1b4ede9ccb6dd1a7a5719a0142428c4cdd4071a723858a7d1de4b64a9ead5eaf17f69f0b6f5eab28aadee605a928
- SSDEEP
  
  6144:IeldtIvlnZV4U/vlf0DrBqvl8ZV4U/vlfl+9X:TlrIvD6IveDVqvQ6Ivk
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2