48f4f996e6a41f8431e6d662aaa1ff53e80b336762d4121ef58d5cd5a3e74f19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d391521d6e973b4f6b36c4875e447100_NeikiAnalytics
Size

318KB
Sample

240515-qe8xeaah61
MD5

d391521d6e973b4f6b36c4875e447100
SHA1

6cfa878f5486806c09bd2fa07100fe83af271e36
SHA256

48f4f996e6a41f8431e6d662aaa1ff53e80b336762d4121ef58d5cd5a3e74f19
SHA512

bffd0a3b848dccdcf7ff89c6dc4375cac4d4dfeb9d82bebc2611cd9e82cf7dd7912561d6021affe6db7121af868f770266a9ab48dfb98daf1a3a336525c7c4d6
SSDEEP

6144:4sepZ7iRVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:ZTO4wFHoS04wFHoSrZx8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d391521d6e973b4f6b36c4875e447100_NeikiAnalytics
- Size
  
  318KB
- MD5
  
  d391521d6e973b4f6b36c4875e447100
- SHA1
  
  6cfa878f5486806c09bd2fa07100fe83af271e36
- SHA256
  
  48f4f996e6a41f8431e6d662aaa1ff53e80b336762d4121ef58d5cd5a3e74f19
- SHA512
  
  bffd0a3b848dccdcf7ff89c6dc4375cac4d4dfeb9d82bebc2611cd9e82cf7dd7912561d6021affe6db7121af868f770266a9ab48dfb98daf1a3a336525c7c4d6
- SSDEEP
  
  6144:4sepZ7iRVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:ZTO4wFHoS04wFHoSrZx8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2