575158ee360d0fd2b4cc4ad51b62b3d2a1c26e2d6d6efe45f73739b796194c76 | Triage

Sharing

General

Target

d9d0247fdc9c450faf1ead38f4768d60_NeikiAnalytics
Size

464KB
Sample

240516-l4mcgsfg84
MD5

d9d0247fdc9c450faf1ead38f4768d60
SHA1

8f71d29ac38db86f746c9e283e71535213b36b0c
SHA256

575158ee360d0fd2b4cc4ad51b62b3d2a1c26e2d6d6efe45f73739b796194c76
SHA512

35d23ae3dabf10c9a5368023c32c9eb12e710163a0458c353293a771f16f59d7bbe3f0ddbac7660246d038e05e830f4980df123450bddb04cb9f8a5bf85509fc
SSDEEP

12288:kD0ah2kkkkK4kXkkkkkkkkl888888888888888888nusG:kD0ah2kkkkK4kXkkkkkkkkK

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d9d0247fdc9c450faf1ead38f4768d60_NeikiAnalytics
- Size
  
  464KB
- MD5
  
  d9d0247fdc9c450faf1ead38f4768d60
- SHA1
  
  8f71d29ac38db86f746c9e283e71535213b36b0c
- SHA256
  
  575158ee360d0fd2b4cc4ad51b62b3d2a1c26e2d6d6efe45f73739b796194c76
- SHA512
  
  35d23ae3dabf10c9a5368023c32c9eb12e710163a0458c353293a771f16f59d7bbe3f0ddbac7660246d038e05e830f4980df123450bddb04cb9f8a5bf85509fc
- SSDEEP
  
  12288:kD0ah2kkkkK4kXkkkkkkkkl888888888888888888nusG:kD0ah2kkkkK4kXkkkkkkkkK
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2