Overview

overview

10

Static

static

3

6b2ab90d3c...cs.exe

windows7-x64

10

6b2ab90d3c...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6b2ab90d3cefd2ce1e62bba0bbda1e10_NeikiAnalytics.exe

  • Size

    117KB

  • Sample

    240523-bnd13agb6v

  • MD5

    6b2ab90d3cefd2ce1e62bba0bbda1e10

  • SHA1

    c698b403dce95c385bd9ff035f69eba55ee2dea2

  • SHA256

    cd082a1713958e62f13e4745780bdcbfeb17a58bd2bb0cd8162b827ec8186e44

  • SHA512

    729f7f242cddeceef78319d13a6419cc0954a16463271f3a66fa4a26f4578b5186195b56e191dad2f9b385952b29f41aed6fc13cc6b8e7d491fdb903e49c4110

  • SSDEEP

    1536:XKzCiCoYhNihhpXr8+t+ekPHTdXvLDVFsf9gFFfUN1Avhw6JCM:XKeiCoYrUDI+cPzdX/Yf9gFFfUrQlM

Score
10/10
persistence

Malware Config

Targets

    • Target

      6b2ab90d3cefd2ce1e62bba0bbda1e10_NeikiAnalytics.exe

    • Size

      117KB

    • MD5

      6b2ab90d3cefd2ce1e62bba0bbda1e10

    • SHA1

      c698b403dce95c385bd9ff035f69eba55ee2dea2

    • SHA256

      cd082a1713958e62f13e4745780bdcbfeb17a58bd2bb0cd8162b827ec8186e44

    • SHA512

      729f7f242cddeceef78319d13a6419cc0954a16463271f3a66fa4a26f4578b5186195b56e191dad2f9b385952b29f41aed6fc13cc6b8e7d491fdb903e49c4110

    • SSDEEP

      1536:XKzCiCoYhNihhpXr8+t+ekPHTdXvLDVFsf9gFFfUN1Avhw6JCM:XKeiCoYrUDI+cPzdX/Yf9gFFfUrQlM

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks