0d7f88f66b99caacadf6d9ac75f8a3f25e6d511ec52e99b15aff3974f59d0a0a | Triage

Sharing

General

Target

17a0491b9a32ef04911b9cf97ff4e240_NeikiAnalytics.exe
Size

363KB
Sample

240525-yvsjcshb27
MD5

17a0491b9a32ef04911b9cf97ff4e240
SHA1

c3c4666d0ca201cfccefcddea7e9fc51dbb15c7c
SHA256

0d7f88f66b99caacadf6d9ac75f8a3f25e6d511ec52e99b15aff3974f59d0a0a
SHA512

a8050d65354c004bd126f9a5626e7eca8f607a8bda0585ae9b11234253871e5812a5e83eec3727883859909a030eb49d675dd11f4683d1c9f88d47b222052906
SSDEEP

6144:0AUNbo39k5tTDUZNSN58VU5tT0dzL4n5tTDUZNSN58VU5tT:ubN5t6NSN6G5tsLc5t6NSN6G5t

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  17a0491b9a32ef04911b9cf97ff4e240_NeikiAnalytics.exe
- Size
  
  363KB
- MD5
  
  17a0491b9a32ef04911b9cf97ff4e240
- SHA1
  
  c3c4666d0ca201cfccefcddea7e9fc51dbb15c7c
- SHA256
  
  0d7f88f66b99caacadf6d9ac75f8a3f25e6d511ec52e99b15aff3974f59d0a0a
- SHA512
  
  a8050d65354c004bd126f9a5626e7eca8f607a8bda0585ae9b11234253871e5812a5e83eec3727883859909a030eb49d675dd11f4683d1c9f88d47b222052906
- SSDEEP
  
  6144:0AUNbo39k5tTDUZNSN58VU5tT0dzL4n5tTDUZNSN58VU5tT:ubN5t6NSN6G5tsLc5t6NSN6G5t
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2