e2f804c46e7792500f99d96db23b72be7b83e7b243bbc3e6d5a2f82c9e3c5326 | Triage

Sharing

General

Target

1095cbe1f473bd1a7dd9802d349f3710_NeikiAnalytics.exe
Size

80KB
Sample

240517-wcl8hsbb44
MD5

1095cbe1f473bd1a7dd9802d349f3710
SHA1

04e50e19c4d3550804b2d4d01f28e5cb033c9201
SHA256

e2f804c46e7792500f99d96db23b72be7b83e7b243bbc3e6d5a2f82c9e3c5326
SHA512

a80d25d0907d72bb814a0b30f8100b514a312512cc376537028fad4b31da7724cbdf24ae6a2c4e8adc4f5b5f785b24f8ca873158ec94523978674e43b33675bd
SSDEEP

1536:9m8xr73jAFHLq8vDuWzr02LgS5DUHRbPa9b6i+sIk:lxr73ke8vDNNgS5DSCopsIk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1095cbe1f473bd1a7dd9802d349f3710_NeikiAnalytics.exe
- Size
  
  80KB
- MD5
  
  1095cbe1f473bd1a7dd9802d349f3710
- SHA1
  
  04e50e19c4d3550804b2d4d01f28e5cb033c9201
- SHA256
  
  e2f804c46e7792500f99d96db23b72be7b83e7b243bbc3e6d5a2f82c9e3c5326
- SHA512
  
  a80d25d0907d72bb814a0b30f8100b514a312512cc376537028fad4b31da7724cbdf24ae6a2c4e8adc4f5b5f785b24f8ca873158ec94523978674e43b33675bd
- SSDEEP
  
  1536:9m8xr73jAFHLq8vDuWzr02LgS5DUHRbPa9b6i+sIk:lxr73ke8vDNNgS5DSCopsIk
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2