Overview

overview

10

Static

static

3

1525f2a864...cs.exe

windows7-x64

10

1525f2a864...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1525f2a864cfc103a8763066314c2670_NeikiAnalytics.exe

  • Size

    81KB

  • Sample

    240522-dpgvfsad36

  • MD5

    1525f2a864cfc103a8763066314c2670

  • SHA1

    7054096f118bebfaeef35e772c1aa05b6f07fda5

  • SHA256

    41c656a67cbf5f53753dfeb71784264402fb3f5a3fb8709bd4a086ae3ced6191

  • SHA512

    199143265225cd2e49b4c8074d64c0ea92b4f98e07466618c0bce3dd5b5e55659068416a1b82b04f92d67a29a26d5daaeb265282c1b6e18db086df3a95e5ec2c

  • SSDEEP

    1536:BbSxgi2z3S/ZVJzi1Z47m4LO++/+1m6KadhYxU33HX0L:1aglzIZI4/LrCimBaH8UH30L

Score
10/10
persistence

Malware Config

Targets

    • Target

      1525f2a864cfc103a8763066314c2670_NeikiAnalytics.exe

    • Size

      81KB

    • MD5

      1525f2a864cfc103a8763066314c2670

    • SHA1

      7054096f118bebfaeef35e772c1aa05b6f07fda5

    • SHA256

      41c656a67cbf5f53753dfeb71784264402fb3f5a3fb8709bd4a086ae3ced6191

    • SHA512

      199143265225cd2e49b4c8074d64c0ea92b4f98e07466618c0bce3dd5b5e55659068416a1b82b04f92d67a29a26d5daaeb265282c1b6e18db086df3a95e5ec2c

    • SSDEEP

      1536:BbSxgi2z3S/ZVJzi1Z47m4LO++/+1m6KadhYxU33HX0L:1aglzIZI4/LrCimBaH8UH30L

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks