Overview

overview

8

Static

static

3

d2542ab3c4...cs.exe

windows7-x64

8

d2542ab3c4...cs.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d2542ab3c43da827e13400c85e5582b0_NeikiAnalytics

  • Size

    354KB

  • Sample

    240515-pt2wzahg2z

  • MD5

    d2542ab3c43da827e13400c85e5582b0

  • SHA1

    90cac0bda3a0a3113d6cdaf4e427767c71a4be80

  • SHA256

    14511d79d4bae991892e98102865bdd595a6c757f2fd7a22abcd3a8d7fa1fe03

  • SHA512

    0735a4acfd4d37146a6f063fe12079a1b2e59f71f4bb686f0de2dc2b4cec6d29b042475a524ba89041cd52e21bb307c69dd3ab6826d9b7959513f10a86c860e7

  • SSDEEP

    6144:FgLCraBy/yW/B+RnkP+6bRWrqC1C/B+zheDy/B+G/B+G/B+Z8Quc64c:FgMaBy/yQZ+VqCmKRBBdH

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      d2542ab3c43da827e13400c85e5582b0_NeikiAnalytics

    • Size

      354KB

    • MD5

      d2542ab3c43da827e13400c85e5582b0

    • SHA1

      90cac0bda3a0a3113d6cdaf4e427767c71a4be80

    • SHA256

      14511d79d4bae991892e98102865bdd595a6c757f2fd7a22abcd3a8d7fa1fe03

    • SHA512

      0735a4acfd4d37146a6f063fe12079a1b2e59f71f4bb686f0de2dc2b4cec6d29b042475a524ba89041cd52e21bb307c69dd3ab6826d9b7959513f10a86c860e7

    • SSDEEP

      6144:FgLCraBy/yW/B+RnkP+6bRWrqC1C/B+zheDy/B+G/B+G/B+Z8Quc64c:FgMaBy/yQZ+VqCmKRBBdH

    Score
    8/10
    persistenceupx

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks