Overview

overview

10

Static

static

3

6457cb2b4d...cs.exe

windows7-x64

10

6457cb2b4d...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6457cb2b4dce4b2873202e1b90ee6d20_NeikiAnalytics.exe

  • Size

    97KB

  • Sample

    240523-a2jb9sfc76

  • MD5

    6457cb2b4dce4b2873202e1b90ee6d20

  • SHA1

    9f066bb2e79a86b60b77e239467f76eece921d56

  • SHA256

    68ed0e5782bd28166e1b0a1a5806ad262051f8abab2854a3e49c2f73b56ed9b2

  • SHA512

    94fdb59e43a7d4a9bc72af255878c203eaaea292bbd3dde8050b89c33536693b39d9df9a949d4fc633c142af3fdbe66d7c569d93380f75b220141f521efd3b8d

  • SSDEEP

    1536:YifVnxDXsE9HvTQVCclGCMnKVvVHlcvivJXeYZ6:VfVnx/9HijlhgKwvCJXeK6

Score
10/10
persistence

Malware Config

Targets

    • Target

      6457cb2b4dce4b2873202e1b90ee6d20_NeikiAnalytics.exe

    • Size

      97KB

    • MD5

      6457cb2b4dce4b2873202e1b90ee6d20

    • SHA1

      9f066bb2e79a86b60b77e239467f76eece921d56

    • SHA256

      68ed0e5782bd28166e1b0a1a5806ad262051f8abab2854a3e49c2f73b56ed9b2

    • SHA512

      94fdb59e43a7d4a9bc72af255878c203eaaea292bbd3dde8050b89c33536693b39d9df9a949d4fc633c142af3fdbe66d7c569d93380f75b220141f521efd3b8d

    • SSDEEP

      1536:YifVnxDXsE9HvTQVCclGCMnKVvVHlcvivJXeYZ6:VfVnx/9HijlhgKwvCJXeK6

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks