Overview

overview

7

Static

static

3

a013011a02...cs.exe

windows7-x64

7

a013011a02...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a013011a02b4eddd3a6b900a2dfbb530_NeikiAnalytics.exe

  • Size

    408KB

  • Sample

    240524-edcxssca55

  • MD5

    a013011a02b4eddd3a6b900a2dfbb530

  • SHA1

    241327ee02e188be8907df4915f18e967819037b

  • SHA256

    18b170a9022186f4ff709e068aa7f082479a71c0dbbcc57271c0386ba175ae19

  • SHA512

    62419d2a45638bfc09fbd257a4a15ece06c323714a6e3bce6a7cff7bd66856b5aecc89160449e7467a13df6b851353bc78e6626b933baedc85c1e5d5e2e4f64d

  • SSDEEP

    6144:4jlYKRF/LReWAsUyLUCE/RpdM/2Tdh21LUYkv:4jauDReWjCc/2TK6Nv

Score
7/10
persistence

Malware Config

Targets

    • Target

      a013011a02b4eddd3a6b900a2dfbb530_NeikiAnalytics.exe

    • Size

      408KB

    • MD5

      a013011a02b4eddd3a6b900a2dfbb530

    • SHA1

      241327ee02e188be8907df4915f18e967819037b

    • SHA256

      18b170a9022186f4ff709e068aa7f082479a71c0dbbcc57271c0386ba175ae19

    • SHA512

      62419d2a45638bfc09fbd257a4a15ece06c323714a6e3bce6a7cff7bd66856b5aecc89160449e7467a13df6b851353bc78e6626b933baedc85c1e5d5e2e4f64d

    • SSDEEP

      6144:4jlYKRF/LReWAsUyLUCE/RpdM/2Tdh21LUYkv:4jauDReWjCc/2TK6Nv

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks