2d62ca975de47e12f7f46a8b2922ba737f36315df7fd1a56c8d00b06f4e6e1ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d62ca975de47e12f7f46a8b2922ba737f36315df7fd1a56c8d00b06f4e6e1ae_NeikiAnalytics
Size

79KB
Sample

240521-lj2axage78
MD5

5013a99ca2431953e3df4a2f9c565520
SHA1

07598507f1ccb3ae9ff35f8198d0dbfde4a3824d
SHA256

2d62ca975de47e12f7f46a8b2922ba737f36315df7fd1a56c8d00b06f4e6e1ae
SHA512

b76959a9c086b72ab5aa86028b5d396cf4b6d1690223cc5ebd84349e161f71e42369e75bbc39937cb9729612bba7083e0d23c439ae1ee339895cef437929cee3
SSDEEP

1536:dA7HaHpEuxOGw9Hz8PlUEAiFkSIgiItKq9v6DK:+O14Gw9HA9UEAixtBtKq9vV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2d62ca975de47e12f7f46a8b2922ba737f36315df7fd1a56c8d00b06f4e6e1ae_NeikiAnalytics
- Size
  
  79KB
- MD5
  
  5013a99ca2431953e3df4a2f9c565520
- SHA1
  
  07598507f1ccb3ae9ff35f8198d0dbfde4a3824d
- SHA256
  
  2d62ca975de47e12f7f46a8b2922ba737f36315df7fd1a56c8d00b06f4e6e1ae
- SHA512
  
  b76959a9c086b72ab5aa86028b5d396cf4b6d1690223cc5ebd84349e161f71e42369e75bbc39937cb9729612bba7083e0d23c439ae1ee339895cef437929cee3
- SSDEEP
  
  1536:dA7HaHpEuxOGw9Hz8PlUEAiFkSIgiItKq9v6DK:+O14Gw9HA9UEAixtBtKq9vV
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2