a39b4afa09b22dc7754c738a3e49cb35422a874bead239ecc417e8186e3705c3 | Triage

Sharing

General

Target

edcb14424d72d06061035647d7e4a6b0_NeikiAnalytics.exe
Size

153KB
Sample

240517-sqvv2adf8x
MD5

edcb14424d72d06061035647d7e4a6b0
SHA1

f02dc1ea3a8ad4d1f80cd2572f7c46a31c5d4c75
SHA256

a39b4afa09b22dc7754c738a3e49cb35422a874bead239ecc417e8186e3705c3
SHA512

cd48840d97092a2fbc251871dafce0e4822358d51cef966e6a619930c9c909ca854d750b68aeebfd2e4d199d678f46a698adc4afe2437cff77bdea6eaee45653
SSDEEP

1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVXZa7FZYk+aZP:UVqoCl/YgjxEufVU0TbTyDDalRZaJZP

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  edcb14424d72d06061035647d7e4a6b0_NeikiAnalytics.exe
- Size
  
  153KB
- MD5
  
  edcb14424d72d06061035647d7e4a6b0
- SHA1
  
  f02dc1ea3a8ad4d1f80cd2572f7c46a31c5d4c75
- SHA256
  
  a39b4afa09b22dc7754c738a3e49cb35422a874bead239ecc417e8186e3705c3
- SHA512
  
  cd48840d97092a2fbc251871dafce0e4822358d51cef966e6a619930c9c909ca854d750b68aeebfd2e4d199d678f46a698adc4afe2437cff77bdea6eaee45653
- SSDEEP
  
  1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVXZa7FZYk+aZP:UVqoCl/YgjxEufVU0TbTyDDalRZaJZP
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence