Overview

overview

10

Static

static

3

5ac63ee44a...cs.exe

windows7-x64

10

5ac63ee44a...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5ac63ee44aef8abaf7da543a69dffed0_NeikiAnalytics.exe

  • Size

    57KB

  • Sample

    240522-3rn4zsdf93

  • MD5

    5ac63ee44aef8abaf7da543a69dffed0

  • SHA1

    cf865170deef177ce82bc6e459308394ccdab280

  • SHA256

    f578d50714d34aed6ebfaaae7dca52fa7bbfe3cca175b985aa1727dc3d48bd53

  • SHA512

    714496fb59456343f50c7b0656150df3f88a2db3a887e08b20f47457e5015586f56eae0e8b7f286e2e98af37bc9253dd594b6b25d52e337f6f085782af0ff385

  • SSDEEP

    1536:UtSR0RnHm9+ETXB4iP2q5HWlvaTvk3z6RiQT:UtSbRTx4iP2qAhaTvk3z6sQT

Score
10/10
persistence

Malware Config

Targets

    • Target

      5ac63ee44aef8abaf7da543a69dffed0_NeikiAnalytics.exe

    • Size

      57KB

    • MD5

      5ac63ee44aef8abaf7da543a69dffed0

    • SHA1

      cf865170deef177ce82bc6e459308394ccdab280

    • SHA256

      f578d50714d34aed6ebfaaae7dca52fa7bbfe3cca175b985aa1727dc3d48bd53

    • SHA512

      714496fb59456343f50c7b0656150df3f88a2db3a887e08b20f47457e5015586f56eae0e8b7f286e2e98af37bc9253dd594b6b25d52e337f6f085782af0ff385

    • SSDEEP

      1536:UtSR0RnHm9+ETXB4iP2q5HWlvaTvk3z6RiQT:UtSbRTx4iP2qAhaTvk3z6sQT

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks