2de725003f0dc31fbafa9c83681f8c381a34be57d0e3385f86be6359581a3334 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec8eda900f706ddb2ade8d7a725d88f0_NeikiAnalytics.exe
Size

477KB
Sample

240517-psvfhahf74
MD5

ec8eda900f706ddb2ade8d7a725d88f0
SHA1

c4fd7552baa4742a8e966d04ed0c3b24fbee3526
SHA256

2de725003f0dc31fbafa9c83681f8c381a34be57d0e3385f86be6359581a3334
SHA512

dd09733e919803405d3ba9645257f82b14f69918980dc8f53b92d4602ab6e8ef59dcd5b87299072ea038097a892a5a48a0399eae91fc494c93335b4e95a92475
SSDEEP

6144:CzKw+kr6on/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uony:vwDNIVyeNIVy2oIvPKO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ec8eda900f706ddb2ade8d7a725d88f0_NeikiAnalytics.exe
- Size
  
  477KB
- MD5
  
  ec8eda900f706ddb2ade8d7a725d88f0
- SHA1
  
  c4fd7552baa4742a8e966d04ed0c3b24fbee3526
- SHA256
  
  2de725003f0dc31fbafa9c83681f8c381a34be57d0e3385f86be6359581a3334
- SHA512
  
  dd09733e919803405d3ba9645257f82b14f69918980dc8f53b92d4602ab6e8ef59dcd5b87299072ea038097a892a5a48a0399eae91fc494c93335b4e95a92475
- SSDEEP
  
  6144:CzKw+kr6on/TNId/1fon/T9P7GSon/TNId/1fon/T2oI0YokOsfY7Uony:vwDNIVyeNIVy2oIvPKO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2