9cb07c45b95305f3acb7bd4fbc44611816032da8bd51c64a53ba05ed28fb9dca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

627a85a79f48f82b25ac1ac9f90d7fa0_NeikiAnalytics.exe
Size

128KB
Sample

240523-g8658sgc96
MD5

627a85a79f48f82b25ac1ac9f90d7fa0
SHA1

c0a4700e566ee9e5b86a15a3e15e1674606e3790
SHA256

9cb07c45b95305f3acb7bd4fbc44611816032da8bd51c64a53ba05ed28fb9dca
SHA512

28fab30e3c4a6cf5dfd3c811eca47c9174d82ff283b0ce2bef7d90ddbe3c832984f342e86d727289b1ec663be5db9c39bef2d936d6e56f90cef46b586b2f2c1c
SSDEEP

3072:m5AfOqEVTc7T6IwWgeeJVqLAYC+O+hd07oFli0KPA9fc3EMUtwn20I:z7EV+T6IBg12LAYCtE07kli0KoCYtw27

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  627a85a79f48f82b25ac1ac9f90d7fa0_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  627a85a79f48f82b25ac1ac9f90d7fa0
- SHA1
  
  c0a4700e566ee9e5b86a15a3e15e1674606e3790
- SHA256
  
  9cb07c45b95305f3acb7bd4fbc44611816032da8bd51c64a53ba05ed28fb9dca
- SHA512
  
  28fab30e3c4a6cf5dfd3c811eca47c9174d82ff283b0ce2bef7d90ddbe3c832984f342e86d727289b1ec663be5db9c39bef2d936d6e56f90cef46b586b2f2c1c
- SSDEEP
  
  3072:m5AfOqEVTc7T6IwWgeeJVqLAYC+O+hd07oFli0KPA9fc3EMUtwn20I:z7EV+T6IBg12LAYCtE07kli0KoCYtw27
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2