9785089560c7c76d6cbec24db3ab9563e2d53c0ae19eb11dc3ce07bb4f476bcf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

498afa0a9760a0d97806d7286888c400_NeikiAnalytics
Size

80KB
Sample

240515-abma8sfb31
MD5

498afa0a9760a0d97806d7286888c400
SHA1

436ad9f4040bb0904043c3c8cf666694045cd85a
SHA256

9785089560c7c76d6cbec24db3ab9563e2d53c0ae19eb11dc3ce07bb4f476bcf
SHA512

c4c59c1febc3a7d638aa3a0f4990619d37264d714331f10e751db7e74bf88b758d0d477dbb1d1943397ad050c10b21ef159780f5408820353b39075ca06d22b1
SSDEEP

1536:g9euAWcQIg7bS4BD6eM/KnNs9N7S5YMkhohBE8VGh:6hTbE++9N7+UAEQGh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  498afa0a9760a0d97806d7286888c400_NeikiAnalytics
- Size
  
  80KB
- MD5
  
  498afa0a9760a0d97806d7286888c400
- SHA1
  
  436ad9f4040bb0904043c3c8cf666694045cd85a
- SHA256
  
  9785089560c7c76d6cbec24db3ab9563e2d53c0ae19eb11dc3ce07bb4f476bcf
- SHA512
  
  c4c59c1febc3a7d638aa3a0f4990619d37264d714331f10e751db7e74bf88b758d0d477dbb1d1943397ad050c10b21ef159780f5408820353b39075ca06d22b1
- SSDEEP
  
  1536:g9euAWcQIg7bS4BD6eM/KnNs9N7S5YMkhohBE8VGh:6hTbE++9N7+UAEQGh
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2