4a31089b2d9135ac49eec6e3114a0d81c70569171020549d53d577774930c35c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a31089b2d9135ac49eec6e3114a0d81c70569171020549d53d577774930c35c_NeikiAnalytics
Size

128KB
Sample

240521-pl3hjadf47
MD5

f318279c4e936d86f73f4b16d4dc9b70
SHA1

aa73df57ae75fe329ef548f7068b9716a282a594
SHA256

4a31089b2d9135ac49eec6e3114a0d81c70569171020549d53d577774930c35c
SHA512

8efa05c003f0ef6dca4e0182cc89d3a70748f204941c4dd1d98a5f077434d2ddd4c8d3fcf29b1526dec182e8dbcac442c055957def90504162aecc24997640b3
SSDEEP

3072:O2vq7PNMqkZQRkeqSJdEN0s4WE+3S9pui6yYPaI7DX:OBP++1PENm+3Mpui6yYPaI/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4a31089b2d9135ac49eec6e3114a0d81c70569171020549d53d577774930c35c_NeikiAnalytics
- Size
  
  128KB
- MD5
  
  f318279c4e936d86f73f4b16d4dc9b70
- SHA1
  
  aa73df57ae75fe329ef548f7068b9716a282a594
- SHA256
  
  4a31089b2d9135ac49eec6e3114a0d81c70569171020549d53d577774930c35c
- SHA512
  
  8efa05c003f0ef6dca4e0182cc89d3a70748f204941c4dd1d98a5f077434d2ddd4c8d3fcf29b1526dec182e8dbcac442c055957def90504162aecc24997640b3
- SSDEEP
  
  3072:O2vq7PNMqkZQRkeqSJdEN0s4WE+3S9pui6yYPaI7DX:OBP++1PENm+3Mpui6yYPaI/
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2