9be7eebee64c9159e5fe3eb8d401343653a0cfd9d9a6a2eb716bf4de2cc47447 | Triage

Sharing

General

Target

bf98f317072f04b2771e5ef3df0f5400_NeikiAnalytics.exe
Size

136KB
Sample

240520-gqem9sef52
MD5

bf98f317072f04b2771e5ef3df0f5400
SHA1

b854e8917fbd051a7422bb210c120c06544fa420
SHA256

9be7eebee64c9159e5fe3eb8d401343653a0cfd9d9a6a2eb716bf4de2cc47447
SHA512

c94db6a107b21f80a4af685ab0c143105f2e6f3667e51757bdbbbfdfb9bb8a3035f00093767b8fc26986bd60cd7b7396bc03b3974c5c879779839f885005372b
SSDEEP

3072:oL6WAB1RJ6Q30/6BPpQUBmvI8++hi/mjRrz3OT:hJrk/OhQUBWId+hi/GOT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bf98f317072f04b2771e5ef3df0f5400_NeikiAnalytics.exe
- Size
  
  136KB
- MD5
  
  bf98f317072f04b2771e5ef3df0f5400
- SHA1
  
  b854e8917fbd051a7422bb210c120c06544fa420
- SHA256
  
  9be7eebee64c9159e5fe3eb8d401343653a0cfd9d9a6a2eb716bf4de2cc47447
- SHA512
  
  c94db6a107b21f80a4af685ab0c143105f2e6f3667e51757bdbbbfdfb9bb8a3035f00093767b8fc26986bd60cd7b7396bc03b3974c5c879779839f885005372b
- SSDEEP
  
  3072:oL6WAB1RJ6Q30/6BPpQUBmvI8++hi/mjRrz3OT:hJrk/OhQUBWId+hi/GOT
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2