5d878e25f960d1621992b37bd550b3b6f3248d8d2c47f6cec084085847624f11 | Triage

Sharing

General

Target

d7d309e9383b0989b866d2318efb0d87_NeikiAnalytics.exe
Size

77KB
Sample

240517-jz41maha94
MD5

d7d309e9383b0989b866d2318efb0d87
SHA1

893b643a151c7940eec48645d32df064c8e14d72
SHA256

5d878e25f960d1621992b37bd550b3b6f3248d8d2c47f6cec084085847624f11
SHA512

78fdfd2850aa76d88502ed860636eb4a55efc22a31c86a99bec658f394b060d8dd66faf2dd6591c0ce418949e3d0c4d189692d8559a9d7cbeefbcba38aa00597
SSDEEP

1536:Mex3ZqLchXV8bkw4oUoyjH48LN3dvE35vTP2LtCwfi+TjRC/D:/x3ZceXibqopyDPLpds35LUQwf1TjYD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d7d309e9383b0989b866d2318efb0d87_NeikiAnalytics.exe
- Size
  
  77KB
- MD5
  
  d7d309e9383b0989b866d2318efb0d87
- SHA1
  
  893b643a151c7940eec48645d32df064c8e14d72
- SHA256
  
  5d878e25f960d1621992b37bd550b3b6f3248d8d2c47f6cec084085847624f11
- SHA512
  
  78fdfd2850aa76d88502ed860636eb4a55efc22a31c86a99bec658f394b060d8dd66faf2dd6591c0ce418949e3d0c4d189692d8559a9d7cbeefbcba38aa00597
- SSDEEP
  
  1536:Mex3ZqLchXV8bkw4oUoyjH48LN3dvE35vTP2LtCwfi+TjRC/D:/x3ZceXibqopyDPLpds35LUQwf1TjYD
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2