General

  • Target

    35c78e7828d3a5eca1d33ca33149ad70_NeikiAnalytics

  • Size

    337KB

  • Sample

    240514-18gecsbg33

  • MD5

    35c78e7828d3a5eca1d33ca33149ad70

  • SHA1

    eed26d175d925d4d814472abbd648efb88e6d40f

  • SHA256

    167aaecaade260352f23b4994b27df77a902b5a74d52acf1bf08ca75902e8cf9

  • SHA512

    63b65ba443820ffc6d54a58c5a1ec807d2eee20cd0858525c1998edf59077aa3c451e950ef559c2eca665ac71bcb5474cd0c91aecdbc437547b4a8d490877f1f

  • SSDEEP

    3072:gYF0rA1l7Nz6ZvsW/rPKtgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:FnRz6ZvsAit1+fIyG5jZkCwi8r

Targets

    • Target

      35c78e7828d3a5eca1d33ca33149ad70_NeikiAnalytics

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
