16ef087f1604eed235d6bea59c7bf34c12237becb5c0b346d3e2102da69f2145 | Triage

Sharing

General

Target

16ef087f1604eed235d6bea59c7bf34c12237becb5c0b346d3e2102da69f2145_NeikiAnalytics
Size

64KB
Sample

240521-hy7vfscd48
MD5

887375bbd684c0c15ac5d87344e975e3
SHA1

d0dc7953756aff878fe18aa8c4dc30349b6bd41e
SHA256

16ef087f1604eed235d6bea59c7bf34c12237becb5c0b346d3e2102da69f2145
SHA512

ca958db51a7062a4b2dc2387eb1b8d7b81c0f94ed46705179d169b43494ca8f2f3920d5a1bb00b1076cc4d3c79ed6cfa373d0385bfd4d32f4f4ffe924272c2e5
SSDEEP

1536:U+YLs5UT6b93gExdWgAnsc87Y2LtrDWBi:U+kToCEOgorMpt2Bi

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  16ef087f1604eed235d6bea59c7bf34c12237becb5c0b346d3e2102da69f2145_NeikiAnalytics
- Size
  
  64KB
- MD5
  
  887375bbd684c0c15ac5d87344e975e3
- SHA1
  
  d0dc7953756aff878fe18aa8c4dc30349b6bd41e
- SHA256
  
  16ef087f1604eed235d6bea59c7bf34c12237becb5c0b346d3e2102da69f2145
- SHA512
  
  ca958db51a7062a4b2dc2387eb1b8d7b81c0f94ed46705179d169b43494ca8f2f3920d5a1bb00b1076cc4d3c79ed6cfa373d0385bfd4d32f4f4ffe924272c2e5
- SSDEEP
  
  1536:U+YLs5UT6b93gExdWgAnsc87Y2LtrDWBi:U+kToCEOgorMpt2Bi
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2