General

  • Target

    3c35a7900d9225c422791be8920995c7dee042aa33fb3ebf0c7101cc633b6dd9_NeikiAnalytics

  • Size

    92KB

  • Sample

    240521-m59pvabb96

  • MD5

    7261eb1a46516d618aa41406e782da1e

  • SHA1

    9d979ddb6a4a1b607661d5570df2826b3a3c662f

  • SHA256

    3c35a7900d9225c422791be8920995c7dee042aa33fb3ebf0c7101cc633b6dd9

  • SHA512

    4e52052ea1f5d71d1377c71346e36b9d4352a4e0a0a462d932a6defb88e4a929eb5a224486f8148a212270a95b6e48774397db9fa39551b571ea571012966afe

  • SSDEEP

    1536:Qk3hOdsylKlgryzc4bNhZFGzE+cL2knAfiCaikW3ixhZFaRRGjx0BT0TR0SHx/Ua:Qk3hOdsylKlgryzc4bNhZFGzE+cL2knt

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://i.cubeupload.com/1MDiPJ.jpg

Targets

    • Target

      3c35a7900d9225c422791be8920995c7dee042aa33fb3ebf0c7101cc633b6dd9_NeikiAnalytics

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
