Overview

overview

10

Static

static

3

633379b75c...cs.exe

windows7-x64

10

633379b75c...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    633379b75c9a0c830aded6058dd1df10_NeikiAnalytics.exe

  • Size

    62KB

  • Sample

    240523-axfetafb34

  • MD5

    633379b75c9a0c830aded6058dd1df10

  • SHA1

    a9dbe2628a2e3011c5fabc951e7f4898ecc5198a

  • SHA256

    6c1778b8363226b136ce4ad0955f8fd8763f9fa09aeaffef70f5fd07148fd578

  • SHA512

    e5652e358b692737c1b246d9bef86c9718fe94e82373e7826f952f74aa913fa98b3555221d524691a625eb9c6a5960928a9ecc676ec3b195e6500e21a8d28ce9

  • SSDEEP

    1536:sYRwKGzC8tPo0YEQ5oxB95msUoR+wyo1e9jFygve8Cy:nRwKJgcDCv5msH/URFve8

Score
10/10
persistence

Malware Config

Targets

    • Target

      633379b75c9a0c830aded6058dd1df10_NeikiAnalytics.exe

    • Size

      62KB

    • MD5

      633379b75c9a0c830aded6058dd1df10

    • SHA1

      a9dbe2628a2e3011c5fabc951e7f4898ecc5198a

    • SHA256

      6c1778b8363226b136ce4ad0955f8fd8763f9fa09aeaffef70f5fd07148fd578

    • SHA512

      e5652e358b692737c1b246d9bef86c9718fe94e82373e7826f952f74aa913fa98b3555221d524691a625eb9c6a5960928a9ecc676ec3b195e6500e21a8d28ce9

    • SSDEEP

      1536:sYRwKGzC8tPo0YEQ5oxB95msUoR+wyo1e9jFygve8Cy:nRwKJgcDCv5msH/URFve8

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks