9c67771ebb57540be75e2c27f7ab604f8ab6fa1386adf6e9c3e8bfcaa447c326 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c34c5041f38de10dc56fd38b0cf020d0_NeikiAnalytics.exe
Size

582KB
Sample

240517-hd48tsea3t
MD5

c34c5041f38de10dc56fd38b0cf020d0
SHA1

7cbb2dc222781341d05bfc6751ebb3ad8829650d
SHA256

9c67771ebb57540be75e2c27f7ab604f8ab6fa1386adf6e9c3e8bfcaa447c326
SHA512

7b1aab8b3b81a6f5adc1ff00e34b16c85ce19ba55896984d414119d743e5eac3e1114b4581d42de966c8b8e98d7dc279805eca55a7b803a9a13954a5c90e0a0f
SSDEEP

12288:BdPNbK7tYNrekcPYNrq6+gmCAYNrekcPYNrB:BdPwakaF+gqakad

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c34c5041f38de10dc56fd38b0cf020d0_NeikiAnalytics.exe
- Size
  
  582KB
- MD5
  
  c34c5041f38de10dc56fd38b0cf020d0
- SHA1
  
  7cbb2dc222781341d05bfc6751ebb3ad8829650d
- SHA256
  
  9c67771ebb57540be75e2c27f7ab604f8ab6fa1386adf6e9c3e8bfcaa447c326
- SHA512
  
  7b1aab8b3b81a6f5adc1ff00e34b16c85ce19ba55896984d414119d743e5eac3e1114b4581d42de966c8b8e98d7dc279805eca55a7b803a9a13954a5c90e0a0f
- SSDEEP
  
  12288:BdPNbK7tYNrekcPYNrq6+gmCAYNrekcPYNrB:BdPwakaF+gqakad
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2