95ea1d0c23ff7f81aa7be5aa7d833f130dab92f70cf7e0fdc296df5b139e0000 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdf4e30003218760a626d85d2238e9d0_NeikiAnalytics
Size

384KB
Sample

240515-lqm2vsbg58
MD5

bdf4e30003218760a626d85d2238e9d0
SHA1

da2f724ca1e91e881b534aa1f3ee981eeff649d1
SHA256

95ea1d0c23ff7f81aa7be5aa7d833f130dab92f70cf7e0fdc296df5b139e0000
SHA512

b41cac7ad319a117b7899df49b703bb391f84910d33a1c4b1c023c2040f2e0f8f99ffd6a5184b8c2261e50456f8fa137a24455ef6d411473f4134b4b3969697f
SSDEEP

6144:+ZxHPllllll61RE8SeNpgdyuH1lZfRo0V8JcgE+ezpg12:+ZxHPllllll61G87g7/VycgE82

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bdf4e30003218760a626d85d2238e9d0_NeikiAnalytics
- Size
  
  384KB
- MD5
  
  bdf4e30003218760a626d85d2238e9d0
- SHA1
  
  da2f724ca1e91e881b534aa1f3ee981eeff649d1
- SHA256
  
  95ea1d0c23ff7f81aa7be5aa7d833f130dab92f70cf7e0fdc296df5b139e0000
- SHA512
  
  b41cac7ad319a117b7899df49b703bb391f84910d33a1c4b1c023c2040f2e0f8f99ffd6a5184b8c2261e50456f8fa137a24455ef6d411473f4134b4b3969697f
- SSDEEP
  
  6144:+ZxHPllllll61RE8SeNpgdyuH1lZfRo0V8JcgE+ezpg12:+ZxHPllllll61G87g7/VycgE82
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2