4f780492c9a8a825f7c259aae31d0a9f00b435d7f87e297390c8386c63f32769 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

080d1485cf...cs.exe

windows7-x64

7

080d1485cf...cs.exe

windows10-2004-x64

6

Sharing

General

Target

080d1485cfbd03b271340e725881da60_NeikiAnalytics.exe
Size

2.2MB
Sample

240526-rl745ahc2x
MD5

080d1485cfbd03b271340e725881da60
SHA1

2806467db3e45e071dd66ef2bf9f1307cd349399
SHA256

4f780492c9a8a825f7c259aae31d0a9f00b435d7f87e297390c8386c63f32769
SHA512

34c57614e5255355fae7bf73e71a2c6266c2b2d6fbd02c7d4fabe61b7af2e2054b8d4b799aa42917d21ba0eb39dc77b1e324b91f82c42f21925432aa62b90ae9
SSDEEP

24576:n2dJqwaZs9a8fbKmIwlDSIerahovRCVCWWO0BubzQ0Rj3jtK+a++K+jNd1RzVCEL:n7n7pNXheQc3Fg7g3vYXg

Score

7^/10

bootkit persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

080d1485cfbd03b271340e725881da60_NeikiAnalytics.exe

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

080d1485cfbd03b271340e725881da60_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

bootkit persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  080d1485cfbd03b271340e725881da60_NeikiAnalytics.exe
- Size
  
  2.2MB
- MD5
  
  080d1485cfbd03b271340e725881da60
- SHA1
  
  2806467db3e45e071dd66ef2bf9f1307cd349399
- SHA256
  
  4f780492c9a8a825f7c259aae31d0a9f00b435d7f87e297390c8386c63f32769
- SHA512
  
  34c57614e5255355fae7bf73e71a2c6266c2b2d6fbd02c7d4fabe61b7af2e2054b8d4b799aa42917d21ba0eb39dc77b1e324b91f82c42f21925432aa62b90ae9
- SSDEEP
  
  24576:n2dJqwaZs9a8fbKmIwlDSIerahovRCVCWWO0BubzQ0Rj3jtK+a++K+jNd1RzVCEL:n7n7pNXheQc3Fg7g3vYXg
Score

7^/10

upx bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

bootkitpersistence

© 2018-2024

Terms | Privacy