eb09ea5b0cd0c914fdcf79b047c43991312679fd718b748bc75f341c9a616b9a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d547d2fd2080fd60cb7f5e8490ed6e0_NeikiAnalytics.exe
Size

364KB
Sample

240519-xn824ada3w
MD5

1d547d2fd2080fd60cb7f5e8490ed6e0
SHA1

8e5d62885c665cf5e41523a08b3530ed6c25978f
SHA256

eb09ea5b0cd0c914fdcf79b047c43991312679fd718b748bc75f341c9a616b9a
SHA512

f824a743cb993e4e41c79a49930be1b35f8889441d9862ae8d6a8dc678faa562a94479ab16da2ed378a5e628112103af6284af622dc207999bfe7353e4c62f2a
SSDEEP

6144:dR/QDv1V+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:dtQDGtsNePmjvtPRRI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1d547d2fd2080fd60cb7f5e8490ed6e0_NeikiAnalytics.exe
- Size
  
  364KB
- MD5
  
  1d547d2fd2080fd60cb7f5e8490ed6e0
- SHA1
  
  8e5d62885c665cf5e41523a08b3530ed6c25978f
- SHA256
  
  eb09ea5b0cd0c914fdcf79b047c43991312679fd718b748bc75f341c9a616b9a
- SHA512
  
  f824a743cb993e4e41c79a49930be1b35f8889441d9862ae8d6a8dc678faa562a94479ab16da2ed378a5e628112103af6284af622dc207999bfe7353e4c62f2a
- SSDEEP
  
  6144:dR/QDv1V+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:dtQDGtsNePmjvtPRRI
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2