Overview

overview

10

Static

static

3

5c166f8198...cs.exe

windows7-x64

10

5c166f8198...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c166f8198e3a17ab2e612992b7d19b0_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240522-3wc8aadg4w

  • MD5

    5c166f8198e3a17ab2e612992b7d19b0

  • SHA1

    ccdf4c72c10742a9f47ed6bddd9e67ede919b4f5

  • SHA256

    7aba343d4066c9f2c5b45ba49e21a034438e17cfd71dca221b634677f20a31f3

  • SHA512

    5020804e9dfec60234f6ad3db04150fc6a7b6c1f9c8ff97e0e0a3e1a14ae9a3c01b831a8a3a3de96cdc41632906f02cff751747506410328e3dfe8cd4a7c5a92

  • SSDEEP

    1536:HiZlD3P9OVaM1hz+eW3Sz1LuCZK2LC7RZObZUUWaegPYA:HiZlD3PIVNz+eLzbCClUUWae

Score
10/10
persistence

Malware Config

Targets

    • Target

      5c166f8198e3a17ab2e612992b7d19b0_NeikiAnalytics.exe

    • Size

      96KB

    • MD5

      5c166f8198e3a17ab2e612992b7d19b0

    • SHA1

      ccdf4c72c10742a9f47ed6bddd9e67ede919b4f5

    • SHA256

      7aba343d4066c9f2c5b45ba49e21a034438e17cfd71dca221b634677f20a31f3

    • SHA512

      5020804e9dfec60234f6ad3db04150fc6a7b6c1f9c8ff97e0e0a3e1a14ae9a3c01b831a8a3a3de96cdc41632906f02cff751747506410328e3dfe8cd4a7c5a92

    • SSDEEP

      1536:HiZlD3P9OVaM1hz+eW3Sz1LuCZK2LC7RZObZUUWaegPYA:HiZlD3PIVNz+eLzbCClUUWae

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks