a3c14507b50483ecba96fb4a66439f7eea78dfb16c9fdbbea77e4a687e277e11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75e1ceb7fefbaf07f50f4b47af5bd270_NeikiAnalytics
Size

136KB
Sample

240515-ef6mwsgd43
MD5

75e1ceb7fefbaf07f50f4b47af5bd270
SHA1

b08243dec7419c9ba74c0ada002489ea65fab9de
SHA256

a3c14507b50483ecba96fb4a66439f7eea78dfb16c9fdbbea77e4a687e277e11
SHA512

9a214ef2d5267c91c45b11f891da61aa1bfec8f393ba9224fa861c7d6d8949e5d240ba816b561a2398aa20737f1db86d2182ddf6201606643a7c1f073078e8e7
SSDEEP

3072:6KcmDHqhbspBPsohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:nrobqBPsohxd2Quohdbd0zscj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  75e1ceb7fefbaf07f50f4b47af5bd270_NeikiAnalytics
- Size
  
  136KB
- MD5
  
  75e1ceb7fefbaf07f50f4b47af5bd270
- SHA1
  
  b08243dec7419c9ba74c0ada002489ea65fab9de
- SHA256
  
  a3c14507b50483ecba96fb4a66439f7eea78dfb16c9fdbbea77e4a687e277e11
- SHA512
  
  9a214ef2d5267c91c45b11f891da61aa1bfec8f393ba9224fa861c7d6d8949e5d240ba816b561a2398aa20737f1db86d2182ddf6201606643a7c1f073078e8e7
- SSDEEP
  
  3072:6KcmDHqhbspBPsohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:nrobqBPsohxd2Quohdbd0zscj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2