6981f757f5f0d9f427b231c30775a49a3ed09cfb62e6d176fbf2ad1df2ab35be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1413fd1fd3d007c1a708f857f01c8b90_NeikiAnalytics
Size

64KB
Sample

240514-xyax2sbh8v
MD5

1413fd1fd3d007c1a708f857f01c8b90
SHA1

284015aa3ad91e20e3fc2947b52a311bc716ac7c
SHA256

6981f757f5f0d9f427b231c30775a49a3ed09cfb62e6d176fbf2ad1df2ab35be
SHA512

833c551ab230d172c75d2e3e305b21c9d9adeb332b797bd3fabd29aeebf70bfd1fb3838e4b0af93b5acb80b5f8e8e14df576d4e66fec208424905024bc7cd089
SSDEEP

1536:DyxnlDAN2V6hHHCfPOVh3d6RhasdawPsWl+EI7ygNtn:DyaYidgFdawPsWlrEygL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1413fd1fd3d007c1a708f857f01c8b90_NeikiAnalytics
- Size
  
  64KB
- MD5
  
  1413fd1fd3d007c1a708f857f01c8b90
- SHA1
  
  284015aa3ad91e20e3fc2947b52a311bc716ac7c
- SHA256
  
  6981f757f5f0d9f427b231c30775a49a3ed09cfb62e6d176fbf2ad1df2ab35be
- SHA512
  
  833c551ab230d172c75d2e3e305b21c9d9adeb332b797bd3fabd29aeebf70bfd1fb3838e4b0af93b5acb80b5f8e8e14df576d4e66fec208424905024bc7cd089
- SSDEEP
  
  1536:DyxnlDAN2V6hHHCfPOVh3d6RhasdawPsWl+EI7ygNtn:DyaYidgFdawPsWlrEygL
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2