bb938d087093aa41cdcc47dab4f39c7177e3e45f5d5b0f7f821291c5861bff3f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c49ccc234f8f6249858f27dc045cf250_NeikiAnalytics
Size

482KB
Sample

240515-mckj9ach84
MD5

c49ccc234f8f6249858f27dc045cf250
SHA1

b566b9cbf319e7d19675492bcfe1c2f18c6c6703
SHA256

bb938d087093aa41cdcc47dab4f39c7177e3e45f5d5b0f7f821291c5861bff3f
SHA512

8a20ac4cbb4f626744f6390fe84f6240537d52e828c4b31256b5201e3fb76274ee37308b8f023372166b0199fe40441f11972806b9e56083c8e4166933b38141
SSDEEP

6144:o6RSvVc+Ll+wGXAF2PbgKLVGFM6234lKm3mo8Yvi4KsLTFM6234lKm3:DRSvNLMwGXAF5KLVGFB24lwR45FB24l

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c49ccc234f8f6249858f27dc045cf250_NeikiAnalytics
- Size
  
  482KB
- MD5
  
  c49ccc234f8f6249858f27dc045cf250
- SHA1
  
  b566b9cbf319e7d19675492bcfe1c2f18c6c6703
- SHA256
  
  bb938d087093aa41cdcc47dab4f39c7177e3e45f5d5b0f7f821291c5861bff3f
- SHA512
  
  8a20ac4cbb4f626744f6390fe84f6240537d52e828c4b31256b5201e3fb76274ee37308b8f023372166b0199fe40441f11972806b9e56083c8e4166933b38141
- SSDEEP
  
  6144:o6RSvVc+Ll+wGXAF2PbgKLVGFM6234lKm3mo8Yvi4KsLTFM6234lKm3:DRSvNLMwGXAF5KLVGFB24lwR45FB24l
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2