Overview

overview

10

Static

static

3

15b5d63fa9...cs.exe

windows7-x64

10

15b5d63fa9...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15b5d63fa9640596a7f85d1a1d027150_NeikiAnalytics.exe

  • Size

    80KB

  • Sample

    240522-d9yzgaba81

  • MD5

    15b5d63fa9640596a7f85d1a1d027150

  • SHA1

    818d85b0ae78adebc02993e42050e031c191b482

  • SHA256

    da08e84fca633f07d6433e2f1df2324e0885117ebd5ae2eaf6ba6dce4ee138d8

  • SHA512

    19a8daec30d70493a4a2cb2531de85212f435360b1012e8d611c13d4f04201fea093e28f65bd946578f8d0f33bbfbfcea901763a3dc1c3b77b1a58c0372650b3

  • SSDEEP

    1536:4H3GldRh02xWzQLDkac9Uc8IbnJo2LXJ9VqDlzVxyh+CbxMa:4H3G3zHxWckZGWXXJ9IDlRxyhTb7

Score
10/10
persistence

Malware Config

Targets

    • Target

      15b5d63fa9640596a7f85d1a1d027150_NeikiAnalytics.exe

    • Size

      80KB

    • MD5

      15b5d63fa9640596a7f85d1a1d027150

    • SHA1

      818d85b0ae78adebc02993e42050e031c191b482

    • SHA256

      da08e84fca633f07d6433e2f1df2324e0885117ebd5ae2eaf6ba6dce4ee138d8

    • SHA512

      19a8daec30d70493a4a2cb2531de85212f435360b1012e8d611c13d4f04201fea093e28f65bd946578f8d0f33bbfbfcea901763a3dc1c3b77b1a58c0372650b3

    • SSDEEP

      1536:4H3GldRh02xWzQLDkac9Uc8IbnJo2LXJ9VqDlzVxyh+CbxMa:4H3G3zHxWckZGWXXJ9IDlRxyhTb7

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks