0c14e00c5e8793cdf4ffb84f996bd80b08c5826640ed3deb825dfe81484ef673 | Triage

Sharing

General

Target

0b9688bf432d2d7c993555d27ef38500_NeikiAnalytics.exe
Size

135KB
Sample

240525-xghlkaeb71
MD5

0b9688bf432d2d7c993555d27ef38500
SHA1

ae9275a21db0648d157253f48e6b380311044726
SHA256

0c14e00c5e8793cdf4ffb84f996bd80b08c5826640ed3deb825dfe81484ef673
SHA512

bd76a645a3a23fe379a8b134dc3f9716e2b67b34d2ccdc449e56db2c6a9661dab63758c282e4ebf74d9da10c1f42949024d612398656e67ac1a7eef316fe3d6c
SSDEEP

1536:4fsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVNd:4VqoCl/YgjxEufVU0TbTyDDalrd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0b9688bf432d2d7c993555d27ef38500_NeikiAnalytics.exe
- Size
  
  135KB
- MD5
  
  0b9688bf432d2d7c993555d27ef38500
- SHA1
  
  ae9275a21db0648d157253f48e6b380311044726
- SHA256
  
  0c14e00c5e8793cdf4ffb84f996bd80b08c5826640ed3deb825dfe81484ef673
- SHA512
  
  bd76a645a3a23fe379a8b134dc3f9716e2b67b34d2ccdc449e56db2c6a9661dab63758c282e4ebf74d9da10c1f42949024d612398656e67ac1a7eef316fe3d6c
- SSDEEP
  
  1536:4fsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVNd:4VqoCl/YgjxEufVU0TbTyDDalrd
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence