7c026996301b1c6322a7dbbc7de4c7c7bcab199734ee3b08d52bce292763523e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a9cfd4da36d02a2853bc414e4b55870_NeikiAnalytics.exe
Size

192KB
Sample

240516-wvss1shd3z
MD5

0a9cfd4da36d02a2853bc414e4b55870
SHA1

3dcbb8fdb8fae5456a536d5fc86d288b8c08518d
SHA256

7c026996301b1c6322a7dbbc7de4c7c7bcab199734ee3b08d52bce292763523e
SHA512

c3fa6f86a33f29d6c3ef5478cd651c78825616a60360cca0b0e1cab3dc138e12f84b6d43ed533b3f791b1705f66d7b065390d770d92b4c7501906cf0d91be8bd
SSDEEP

3072:VMYFdFoAZMEHVXsTbIEjuDd1AZoUBW3FJeRuaWNXmgu+tAcrbFAJc+RsUi1aVDk5:VMwP7yD98dWZHEFJ7aWN1rtMsP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0a9cfd4da36d02a2853bc414e4b55870_NeikiAnalytics.exe
- Size
  
  192KB
- MD5
  
  0a9cfd4da36d02a2853bc414e4b55870
- SHA1
  
  3dcbb8fdb8fae5456a536d5fc86d288b8c08518d
- SHA256
  
  7c026996301b1c6322a7dbbc7de4c7c7bcab199734ee3b08d52bce292763523e
- SHA512
  
  c3fa6f86a33f29d6c3ef5478cd651c78825616a60360cca0b0e1cab3dc138e12f84b6d43ed533b3f791b1705f66d7b065390d770d92b4c7501906cf0d91be8bd
- SSDEEP
  
  3072:VMYFdFoAZMEHVXsTbIEjuDd1AZoUBW3FJeRuaWNXmgu+tAcrbFAJc+RsUi1aVDk5:VMwP7yD98dWZHEFJ7aWN1rtMsP
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2