3eb771800e37cb2db597d3f84f62763de207f3575e45fb8f20f1b585e6b6129d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0606d7404ffa4106ce0d09690b30c260_NeikiAnalytics.exe
Size

633KB
Sample

240516-wg3q3agg28
MD5

0606d7404ffa4106ce0d09690b30c260
SHA1

6cea45ff61c3714a824108e00c9bc49642329317
SHA256

3eb771800e37cb2db597d3f84f62763de207f3575e45fb8f20f1b585e6b6129d
SHA512

4ca5d8e69b5e3ed601a0f84131a1f28d575c890f83c2e8eaa0d21cadb65afd9878f02f988330ed9bf12a2f0ca91535bca1530295ddac2303b1a648f31911a484
SSDEEP

12288:hrMIztyCK5x8CBmn+RrNbEyWYa0Ie1vUx9V35Hlmdu:3ZyCA8CBmn+RrNj9ay5IpH0

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  0606d7404ffa4106ce0d09690b30c260_NeikiAnalytics.exe
- Size
  
  633KB
- MD5
  
  0606d7404ffa4106ce0d09690b30c260
- SHA1
  
  6cea45ff61c3714a824108e00c9bc49642329317
- SHA256
  
  3eb771800e37cb2db597d3f84f62763de207f3575e45fb8f20f1b585e6b6129d
- SHA512
  
  4ca5d8e69b5e3ed601a0f84131a1f28d575c890f83c2e8eaa0d21cadb65afd9878f02f988330ed9bf12a2f0ca91535bca1530295ddac2303b1a648f31911a484
- SSDEEP
  
  12288:hrMIztyCK5x8CBmn+RrNbEyWYa0Ie1vUx9V35Hlmdu:3ZyCA8CBmn+RrNj9ay5IpH0
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2