26892ca9b837b611a941e51e7ab836e94a107efeb0f09c1fafb880bc91058c54 | Triage

Sharing

General

Target

dfbda02d52db3d7e91a2534453a180d0_NeikiAnalytics
Size

192KB
Sample

240516-qam45sdh81
MD5

dfbda02d52db3d7e91a2534453a180d0
SHA1

f8f57393534c851e7babe16e6ebfbd7a29df7e66
SHA256

26892ca9b837b611a941e51e7ab836e94a107efeb0f09c1fafb880bc91058c54
SHA512

1206ab7585e78949eb07839a91d0d58d00e590d8b43bf7835e0d2931396437868189a15ac93d18b1a82df4684a6ecae3722c82f7e63a557ee4edce86b0411696
SSDEEP

3072:gsw1Wpnrpg0JCZDsG9Chibp3XZNKzp+KmEKeFKPD375lHzpa1P2FU6UK7q4+5DbY:vprpgPD8hiFb+MKmEKeYr75lHzpaF2e2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  dfbda02d52db3d7e91a2534453a180d0_NeikiAnalytics
- Size
  
  192KB
- MD5
  
  dfbda02d52db3d7e91a2534453a180d0
- SHA1
  
  f8f57393534c851e7babe16e6ebfbd7a29df7e66
- SHA256
  
  26892ca9b837b611a941e51e7ab836e94a107efeb0f09c1fafb880bc91058c54
- SHA512
  
  1206ab7585e78949eb07839a91d0d58d00e590d8b43bf7835e0d2931396437868189a15ac93d18b1a82df4684a6ecae3722c82f7e63a557ee4edce86b0411696
- SSDEEP
  
  3072:gsw1Wpnrpg0JCZDsG9Chibp3XZNKzp+KmEKeFKPD375lHzpa1P2FU6UK7q4+5DbY:vprpgPD8hiFb+MKmEKeYr75lHzpaF2e2
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2