355f1f515896baf61295d27b9e156522b8b422f521389fe789365c0a9a49fa40 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cde242739638b2e8502ee36b4f7b2bc0_NeikiAnalytics.exe
Size

259KB
Sample

240517-h76czsff44
MD5

cde242739638b2e8502ee36b4f7b2bc0
SHA1

f943d821020795297cc5c2abe476c1e0da5baef4
SHA256

355f1f515896baf61295d27b9e156522b8b422f521389fe789365c0a9a49fa40
SHA512

d7847ad90aa73981d59589bb08f8b4b0a9c989fafb1600d22f23008f04e7ba7e26aaaf69d3986cb16124fb41882833577f452bdc6c78ce961180c6ee133bd138
SSDEEP

3072:RkvKvLXg88F1J9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5yLp:Rkcw88F1sDshsrYIcm4FmowdHoSa

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cde242739638b2e8502ee36b4f7b2bc0_NeikiAnalytics.exe
- Size
  
  259KB
- MD5
  
  cde242739638b2e8502ee36b4f7b2bc0
- SHA1
  
  f943d821020795297cc5c2abe476c1e0da5baef4
- SHA256
  
  355f1f515896baf61295d27b9e156522b8b422f521389fe789365c0a9a49fa40
- SHA512
  
  d7847ad90aa73981d59589bb08f8b4b0a9c989fafb1600d22f23008f04e7ba7e26aaaf69d3986cb16124fb41882833577f452bdc6c78ce961180c6ee133bd138
- SSDEEP
  
  3072:RkvKvLXg88F1J9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5yLp:Rkcw88F1sDshsrYIcm4FmowdHoSa
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2