6229d1807a29d9632980d59f2934c35c8c9c689d86460a9430cb20a471cab638 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c5c6758042f6cfecb4264951495c3c90_NeikiAnalytics
Size

55KB
Sample

240514-parlwsfa46
MD5

c5c6758042f6cfecb4264951495c3c90
SHA1

a949161af003bff8d33c94b1688c6bc223c6c870
SHA256

6229d1807a29d9632980d59f2934c35c8c9c689d86460a9430cb20a471cab638
SHA512

40c7ab5bd2efbdf91d19942e9f2d729d83b3ca1bc0b71da29a64d58f8b34f8f10b97ac1acb1332249370d89e96e842fd1f9bed23ef55a9b850edce789a6114f3
SSDEEP

768:kyQQXR6J7c7b35Z8GEqZY7XBK4CTdFMahh5Fnp6UGqAXjJOWvUYbHcY2p/1H5aTH:vcZc7bzSqeTOFRbbiEqU8cY2LAR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c5c6758042f6cfecb4264951495c3c90_NeikiAnalytics
- Size
  
  55KB
- MD5
  
  c5c6758042f6cfecb4264951495c3c90
- SHA1
  
  a949161af003bff8d33c94b1688c6bc223c6c870
- SHA256
  
  6229d1807a29d9632980d59f2934c35c8c9c689d86460a9430cb20a471cab638
- SHA512
  
  40c7ab5bd2efbdf91d19942e9f2d729d83b3ca1bc0b71da29a64d58f8b34f8f10b97ac1acb1332249370d89e96e842fd1f9bed23ef55a9b850edce789a6114f3
- SSDEEP
  
  768:kyQQXR6J7c7b35Z8GEqZY7XBK4CTdFMahh5Fnp6UGqAXjJOWvUYbHcY2p/1H5aTH:vcZc7bzSqeTOFRbbiEqU8cY2LAR
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2