7535a30a2ad1c0eab0f548e75880147526eaf042f51f51d8cf1471e69f5b9015 | Triage

Sharing

General

Target

1cefbb0182282eeee18fa3de3a3ee690_NeikiAnalytics
Size

434KB
Sample

240512-rsbphadd96
MD5

1cefbb0182282eeee18fa3de3a3ee690
SHA1

598b59f6970ab149ce516b29398dae4799c7b5c1
SHA256

7535a30a2ad1c0eab0f548e75880147526eaf042f51f51d8cf1471e69f5b9015
SHA512

f0c6ae6997fd28da5aebd7dc2ed285f73dd4d87ff8bae2899d27e1cf5604741680f37b1c26ad471a1149b05f415d9c280b645038d2ba9dd0319fab782d759bac
SSDEEP

6144:QpZ3bDQxSGYwVnXMo0X+mYJhqoxGfDxIAmZ4IB2mMWjWVWreN3SUeDRiwxELHIE0:QpZ3fG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1cefbb0182282eeee18fa3de3a3ee690_NeikiAnalytics
- Size
  
  434KB
- MD5
  
  1cefbb0182282eeee18fa3de3a3ee690
- SHA1
  
  598b59f6970ab149ce516b29398dae4799c7b5c1
- SHA256
  
  7535a30a2ad1c0eab0f548e75880147526eaf042f51f51d8cf1471e69f5b9015
- SHA512
  
  f0c6ae6997fd28da5aebd7dc2ed285f73dd4d87ff8bae2899d27e1cf5604741680f37b1c26ad471a1149b05f415d9c280b645038d2ba9dd0319fab782d759bac
- SSDEEP
  
  6144:QpZ3bDQxSGYwVnXMo0X+mYJhqoxGfDxIAmZ4IB2mMWjWVWreN3SUeDRiwxELHIE0:QpZ3fG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2