Overview

overview

10

Static

static

3

c9f2c6fce7...cs.exe

windows7-x64

10

c9f2c6fce7...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9f2c6fce75adf203f86d8d8c50d7020_NeikiAnalytics.exe

  • Size

    335KB

  • Sample

    240522-yrc99sed8v

  • MD5

    c9f2c6fce75adf203f86d8d8c50d7020

  • SHA1

    04ecd732e4c0c212b12c13eca95d702b4fc2ee99

  • SHA256

    c8389c3aedd87e3f6fb309dac19a24c063e40e2608ac88cec67d5acb01551f79

  • SHA512

    ce27a4bd40353f75503c0528e4aac438493fc49c7e34b92fe7f6c178fe5a5600099b05c5022cc424d013575131a8ed7ecd1ff5b93fabe3dfcbe7cc5bcc9aaf51

  • SSDEEP

    6144:LCvzLvLvwU/4qwvwU/4qvvwevwU/4q+vwk/4q7:Li

Score
10/10
persistence

Malware Config

Targets

    • Target

      c9f2c6fce75adf203f86d8d8c50d7020_NeikiAnalytics.exe

    • Size

      335KB

    • MD5

      c9f2c6fce75adf203f86d8d8c50d7020

    • SHA1

      04ecd732e4c0c212b12c13eca95d702b4fc2ee99

    • SHA256

      c8389c3aedd87e3f6fb309dac19a24c063e40e2608ac88cec67d5acb01551f79

    • SHA512

      ce27a4bd40353f75503c0528e4aac438493fc49c7e34b92fe7f6c178fe5a5600099b05c5022cc424d013575131a8ed7ecd1ff5b93fabe3dfcbe7cc5bcc9aaf51

    • SSDEEP

      6144:LCvzLvLvwU/4qwvwU/4qvvwevwU/4q+vwk/4q7:Li

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks