b56ca0654403033dc49c377234d0e3db566b33eddfccc766e65f415c592918c5 | Triage

Sharing

General

Target

d414f75e784f1c2b33bef32fc9d087d0_NeikiAnalytics
Size

203KB
Sample

240515-qperbabf22
MD5

d414f75e784f1c2b33bef32fc9d087d0
SHA1

8fab640e1b0d220513c73d16a16c27f372c3b439
SHA256

b56ca0654403033dc49c377234d0e3db566b33eddfccc766e65f415c592918c5
SHA512

79c4941ac2a7dc4456e211e0ef769fe719fb4fdda14c15143064732ed6cdda7edf5526bb96e0a995f0714caa8bc605f0154f44160232decd8267cdc1a46128d0
SSDEEP

6144:Vil4eNJaDftnJfKXqPTX7D7FM6234lKm3mo8YG:gljNUrtJCXqP77D7FB24lwT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d414f75e784f1c2b33bef32fc9d087d0_NeikiAnalytics
- Size
  
  203KB
- MD5
  
  d414f75e784f1c2b33bef32fc9d087d0
- SHA1
  
  8fab640e1b0d220513c73d16a16c27f372c3b439
- SHA256
  
  b56ca0654403033dc49c377234d0e3db566b33eddfccc766e65f415c592918c5
- SHA512
  
  79c4941ac2a7dc4456e211e0ef769fe719fb4fdda14c15143064732ed6cdda7edf5526bb96e0a995f0714caa8bc605f0154f44160232decd8267cdc1a46128d0
- SSDEEP
  
  6144:Vil4eNJaDftnJfKXqPTX7D7FM6234lKm3mo8YG:gljNUrtJCXqP77D7FB24lwT
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2