99c0d8d9ad7230760e271840bb6fe8ddbe2550abb43ff8e7745226e3fa842599 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c222fa3c05578e22d00c14bb7c380d0_NeikiAnalytics
Size

182KB
Sample

240515-wj2lsacf39
MD5

0c222fa3c05578e22d00c14bb7c380d0
SHA1

a1cc5070ad4b74093892e9e0f3746a55172853bf
SHA256

99c0d8d9ad7230760e271840bb6fe8ddbe2550abb43ff8e7745226e3fa842599
SHA512

f8ee3ffc46d101101001eb235961bc4eab92b8b7c6ec2bf7e03a6ae19d9bbc10fe7caafb883779fb793fcfff5cc07121e2e970cefde152be83efe9f02ed23d74
SSDEEP

1536:RGVMQQtzeALjwfNZWACywipdb6+cy2LJ7nguPw9uVgA53+RrKJs2zjFS3ldkBOLg:Eoh8fSzOd2nJ7nguPnVgA53+GpOc

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0c222fa3c05578e22d00c14bb7c380d0_NeikiAnalytics
- Size
  
  182KB
- MD5
  
  0c222fa3c05578e22d00c14bb7c380d0
- SHA1
  
  a1cc5070ad4b74093892e9e0f3746a55172853bf
- SHA256
  
  99c0d8d9ad7230760e271840bb6fe8ddbe2550abb43ff8e7745226e3fa842599
- SHA512
  
  f8ee3ffc46d101101001eb235961bc4eab92b8b7c6ec2bf7e03a6ae19d9bbc10fe7caafb883779fb793fcfff5cc07121e2e970cefde152be83efe9f02ed23d74
- SSDEEP
  
  1536:RGVMQQtzeALjwfNZWACywipdb6+cy2LJ7nguPw9uVgA53+RrKJs2zjFS3ldkBOLg:Eoh8fSzOd2nJ7nguPnVgA53+GpOc
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2