756ded3fd4a32d60b823bdc37c0743d4970c11af39b527e000975e709b39d863 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aba992f55ee03c2d0a37d6e5085a3b90_NeikiAnalytics
Size

96KB
Sample

240513-krb6baga86
MD5

aba992f55ee03c2d0a37d6e5085a3b90
SHA1

a288f304f8ac1efce38b705784f660f9f9d8069f
SHA256

756ded3fd4a32d60b823bdc37c0743d4970c11af39b527e000975e709b39d863
SHA512

a2c350a240bcf31f0fd6ab0e9f300d2b8ebbaa71a490e89e56af04d9c04be37a56ed1402f5ee0ae64aad31dcdeb61f8b18d82ae073ed477327eab09ebd3e3665
SSDEEP

1536:rtxwjjK7lp27GjV3P1YIlToyzrmgJztJcECld+FNMmNxTDTTTTTTTTNhb2GIiuTp:Jqjm7lMyzr9zJcECl8F+sbI

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  aba992f55ee03c2d0a37d6e5085a3b90_NeikiAnalytics
- Size
  
  96KB
- MD5
  
  aba992f55ee03c2d0a37d6e5085a3b90
- SHA1
  
  a288f304f8ac1efce38b705784f660f9f9d8069f
- SHA256
  
  756ded3fd4a32d60b823bdc37c0743d4970c11af39b527e000975e709b39d863
- SHA512
  
  a2c350a240bcf31f0fd6ab0e9f300d2b8ebbaa71a490e89e56af04d9c04be37a56ed1402f5ee0ae64aad31dcdeb61f8b18d82ae073ed477327eab09ebd3e3665
- SSDEEP
  
  1536:rtxwjjK7lp27GjV3P1YIlToyzrmgJztJcECld+FNMmNxTDTTTTTTTTNhb2GIiuTp:Jqjm7lMyzr9zJcECl8F+sbI
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2