2b3b8ad91a730c976787456c457c41089799b7d1a0c1a6e1063ef2bc32029af8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b3b8ad91a730c976787456c457c41089799b7d1a0c1a6e1063ef2bc32029af8_NeikiAnalytics
Size

123KB
Sample

240521-lcgb6agc2v
MD5

eb7abf5ad18fb401212479d45969ddf0
SHA1

6e61ede51eceadfe77bce111de4608cd042f8faa
SHA256

2b3b8ad91a730c976787456c457c41089799b7d1a0c1a6e1063ef2bc32029af8
SHA512

155feb6fb49206c638a090ecc8733a4b73bee397095a8ff2a9188a3c7dcd8272b5d5bb630ae90370f5096e730a27b3452cb5c808f93dad77cac84823a4aeae46
SSDEEP

3072:BeRuYioHpX0W4EdOhf/auIQRYSa9rR85DEn5k7r8:quYVJZHwfC7Q4rQD85k/8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2b3b8ad91a730c976787456c457c41089799b7d1a0c1a6e1063ef2bc32029af8_NeikiAnalytics
- Size
  
  123KB
- MD5
  
  eb7abf5ad18fb401212479d45969ddf0
- SHA1
  
  6e61ede51eceadfe77bce111de4608cd042f8faa
- SHA256
  
  2b3b8ad91a730c976787456c457c41089799b7d1a0c1a6e1063ef2bc32029af8
- SHA512
  
  155feb6fb49206c638a090ecc8733a4b73bee397095a8ff2a9188a3c7dcd8272b5d5bb630ae90370f5096e730a27b3452cb5c808f93dad77cac84823a4aeae46
- SSDEEP
  
  3072:BeRuYioHpX0W4EdOhf/auIQRYSa9rR85DEn5k7r8:quYVJZHwfC7Q4rQD85k/8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2