Overview

overview

10

Static

static

3

5e83e78732...cs.exe

windows7-x64

10

5e83e78732...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e83e787325470333bfe8c9353e59890_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240523-aee2bseb6w

  • MD5

    5e83e787325470333bfe8c9353e59890

  • SHA1

    2e658bdffae5c06908c1742ef92985f244fc91e7

  • SHA256

    c0dc19dea316c5b7998269768097970d136c7187f7847eec11f1f8bf3024753b

  • SHA512

    f6574169b1b18eab27e6c2108f279cdf85c4039282833c24952b4dd44ef21fc30a7cbbc61327bdbc9a14a4fc9dbd813bb5424d8e3b0bc33207e7795266c39834

  • SSDEEP

    1536:zYj84JKEdf8JMEGwiXZpfUZPVYcdnGulhdsKkWaAjWbjtKBvU:zYjvJeJMfwkp8Z93n9HsKkWVwtCU

Score
10/10
persistence

Malware Config

Targets

    • Target

      5e83e787325470333bfe8c9353e59890_NeikiAnalytics.exe

    • Size

      96KB

    • MD5

      5e83e787325470333bfe8c9353e59890

    • SHA1

      2e658bdffae5c06908c1742ef92985f244fc91e7

    • SHA256

      c0dc19dea316c5b7998269768097970d136c7187f7847eec11f1f8bf3024753b

    • SHA512

      f6574169b1b18eab27e6c2108f279cdf85c4039282833c24952b4dd44ef21fc30a7cbbc61327bdbc9a14a4fc9dbd813bb5424d8e3b0bc33207e7795266c39834

    • SSDEEP

      1536:zYj84JKEdf8JMEGwiXZpfUZPVYcdnGulhdsKkWaAjWbjtKBvU:zYjvJeJMfwkp8Z93n9HsKkWVwtCU

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks