Overview

overview

7

Static

static

3

0ce4697b70...cs.exe

windows7-x64

7

0ce4697b70...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0ce4697b70c169aee7ba6f58b5acf900_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240521-zm75hsab5y

  • MD5

    0ce4697b70c169aee7ba6f58b5acf900

  • SHA1

    8ec66112a006764812dcd0ad816962bf9a7c2ffa

  • SHA256

    dce9644852ece6a904eb55ea0cf36c87cbe2a9c085ffd7adde4dacef05ab9f09

  • SHA512

    e9a395738ff98731cc32075b9f3aa6f74dcbc387acb66a49c8e92abfd1e499911673cd91a5f3db131e4c602adde92e05ce5c7a8af2f947a50716e33746b66032

  • SSDEEP

    1536:Hlqls0GgUyj5JxdA4Oj3W2Fsdq4FiG+sdguxnSngBNpy5G0Aox9cJNWIfoEb:HQC/yj5JO3MniG+Hu5y5Lxxu6IfoC

Score
7/10
persistence

Malware Config

Targets

    • Target

      0ce4697b70c169aee7ba6f58b5acf900_NeikiAnalytics.exe

    • Size

      115KB

    • MD5

      0ce4697b70c169aee7ba6f58b5acf900

    • SHA1

      8ec66112a006764812dcd0ad816962bf9a7c2ffa

    • SHA256

      dce9644852ece6a904eb55ea0cf36c87cbe2a9c085ffd7adde4dacef05ab9f09

    • SHA512

      e9a395738ff98731cc32075b9f3aa6f74dcbc387acb66a49c8e92abfd1e499911673cd91a5f3db131e4c602adde92e05ce5c7a8af2f947a50716e33746b66032

    • SSDEEP

      1536:Hlqls0GgUyj5JxdA4Oj3W2Fsdq4FiG+sdguxnSngBNpy5G0Aox9cJNWIfoEb:HQC/yj5JO3MniG+Hu5y5Lxxu6IfoC

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks