a3ee05fa6ec6f5a23f3f5cfd869a499067bdaed50c89ab5b4a1cc5144fa41f20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

320446bc1d7386d4fb5943eeafaf8000_NeikiAnalytics
Size

240KB
Sample

240515-zmfp9sbf34
MD5

320446bc1d7386d4fb5943eeafaf8000
SHA1

de94f8658178c8df6877fa350bf7e183d9e4e62e
SHA256

a3ee05fa6ec6f5a23f3f5cfd869a499067bdaed50c89ab5b4a1cc5144fa41f20
SHA512

12034a2bf8359802b95efe5c4fc99b7edf5aa869b9f07783a95694658c030c5891f14ce3de0af39c381847e9025197aa930773eacb660f2589be9f1429bc4865
SSDEEP

3072:LLXKkjSbFcpOtHrAPgxed6BYudlNPMAvAURfE+Hxgu+tAcrbFAJc+RsUi1aVDkOh:L7K8SbFcwtHrIyedZwlNPjLs+H8rtMs4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  320446bc1d7386d4fb5943eeafaf8000_NeikiAnalytics
- Size
  
  240KB
- MD5
  
  320446bc1d7386d4fb5943eeafaf8000
- SHA1
  
  de94f8658178c8df6877fa350bf7e183d9e4e62e
- SHA256
  
  a3ee05fa6ec6f5a23f3f5cfd869a499067bdaed50c89ab5b4a1cc5144fa41f20
- SHA512
  
  12034a2bf8359802b95efe5c4fc99b7edf5aa869b9f07783a95694658c030c5891f14ce3de0af39c381847e9025197aa930773eacb660f2589be9f1429bc4865
- SSDEEP
  
  3072:LLXKkjSbFcpOtHrAPgxed6BYudlNPMAvAURfE+Hxgu+tAcrbFAJc+RsUi1aVDkOh:L7K8SbFcwtHrIyedZwlNPjLs+H8rtMs4
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2