79e47a1a331886ca158167e27a2c98ac266d9fc85b47f0cc366d347ddfd5b43d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fef3b10fae04aa14a25d13685cf98a0_NeikiAnalytics.exe
Size

136KB
Sample

240525-hbkfmshd9z
MD5

5fef3b10fae04aa14a25d13685cf98a0
SHA1

caf7fe7b9c234720a34eecfaca0b46ef64286c10
SHA256

79e47a1a331886ca158167e27a2c98ac266d9fc85b47f0cc366d347ddfd5b43d
SHA512

a16480b2cd2588c19f355eed10d293cacee9ea60817de3958c07853c2e33cd3580c7fa021580735d1caa7556a1598dc2c1e6f3dd6b4493a3817b2202992f5313
SSDEEP

3072:8EvghIg5adv/sohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:rYhsv/sohxd2Quohdbd0zscj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5fef3b10fae04aa14a25d13685cf98a0_NeikiAnalytics.exe
- Size
  
  136KB
- MD5
  
  5fef3b10fae04aa14a25d13685cf98a0
- SHA1
  
  caf7fe7b9c234720a34eecfaca0b46ef64286c10
- SHA256
  
  79e47a1a331886ca158167e27a2c98ac266d9fc85b47f0cc366d347ddfd5b43d
- SHA512
  
  a16480b2cd2588c19f355eed10d293cacee9ea60817de3958c07853c2e33cd3580c7fa021580735d1caa7556a1598dc2c1e6f3dd6b4493a3817b2202992f5313
- SSDEEP
  
  3072:8EvghIg5adv/sohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:rYhsv/sohxd2Quohdbd0zscj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2