Overview

overview

10

Static

static

3

5901fc2624...cs.exe

windows7-x64

10

5901fc2624...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5901fc2624756c82420ae9739e691a00_NeikiAnalytics.exe

  • Size

    1.6MB

  • Sample

    240522-3kypvadd52

  • MD5

    5901fc2624756c82420ae9739e691a00

  • SHA1

    ad1ab2f13010c0fe8aeb8de98d5a6f86dbd389c3

  • SHA256

    b422eb2c66219b4e0f9375707807b6f7620b151d50b762a795d492dc292f5e43

  • SHA512

    cc6115fb0104b57a5c8e7b017b06681f6e06536c700d84693df084c3e569a77b11c542e4d35a0c5c7d2ec25b753a34d2dcabff105365418d86a68ddd34dd93dd

  • SSDEEP

    24576:p5h3q5hrq5h3q5hFw75h3q5hrq5h3q5hs:V

Score
10/10
persistence

Malware Config

Targets

    • Target

      5901fc2624756c82420ae9739e691a00_NeikiAnalytics.exe

    • Size

      1.6MB

    • MD5

      5901fc2624756c82420ae9739e691a00

    • SHA1

      ad1ab2f13010c0fe8aeb8de98d5a6f86dbd389c3

    • SHA256

      b422eb2c66219b4e0f9375707807b6f7620b151d50b762a795d492dc292f5e43

    • SHA512

      cc6115fb0104b57a5c8e7b017b06681f6e06536c700d84693df084c3e569a77b11c542e4d35a0c5c7d2ec25b753a34d2dcabff105365418d86a68ddd34dd93dd

    • SSDEEP

      24576:p5h3q5hrq5h3q5hFw75h3q5hrq5h3q5hs:V

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks