72f87ba293119eab0c766da2df8f8a35b4f33932086330be39ba9be9514bbc52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6be1772380ae056a08c5f6e6f685280_NeikiAnalytics
Size

434KB
Sample

240515-r1hg1sdg91
MD5

d6be1772380ae056a08c5f6e6f685280
SHA1

111c25165a87a5e4f51d53298c494d79068aebbf
SHA256

72f87ba293119eab0c766da2df8f8a35b4f33932086330be39ba9be9514bbc52
SHA512

4b0ef6d1631c1aa1d4e82a506d63d20bb94dfb5f91934e9d4290d236bdbe56cb4dc5ed6c61f3d2daa40a25836a27377a66523f96c552ca0f7a29dfee9bc1747d
SSDEEP

12288:UWMxd3ZxDmOQjkMmVY2gsvmQjBImVYymVY2gsv:eZ9Y2gsHYNY2gs

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d6be1772380ae056a08c5f6e6f685280_NeikiAnalytics
- Size
  
  434KB
- MD5
  
  d6be1772380ae056a08c5f6e6f685280
- SHA1
  
  111c25165a87a5e4f51d53298c494d79068aebbf
- SHA256
  
  72f87ba293119eab0c766da2df8f8a35b4f33932086330be39ba9be9514bbc52
- SHA512
  
  4b0ef6d1631c1aa1d4e82a506d63d20bb94dfb5f91934e9d4290d236bdbe56cb4dc5ed6c61f3d2daa40a25836a27377a66523f96c552ca0f7a29dfee9bc1747d
- SSDEEP
  
  12288:UWMxd3ZxDmOQjkMmVY2gsvmQjBImVYymVY2gsv:eZ9Y2gsHYNY2gs
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2