4299f46a0fb2aa1bf0a75de4444689a830865d7ca737a8c94e136f02a4c7b2d7 | Triage

Sharing

General

Target

1832fc67724651c62343cc2c0cace0e0_NeikiAnalytics.exe
Size

4.9MB
Sample

240526-v1ac7aeg78
MD5

1832fc67724651c62343cc2c0cace0e0
SHA1

3b8591e5879b44e827bdddb9acb759b8b7636cf2
SHA256

4299f46a0fb2aa1bf0a75de4444689a830865d7ca737a8c94e136f02a4c7b2d7
SHA512

a68b5508fb7fd7d511c16ee259a3d8fd37d4f113a0bd549ab3abe7ce0c7be2982a50448f05f06e4c94f947ed02ae37ad6a4b01c9805c995d76badf02185a2d57
SSDEEP

98304:4gIoKYKZ4DExCMTXU4INy610j43HkPTgbWE2eMB3PjdRPm:7kAIxCoOQQ60uE273

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  1832fc67724651c62343cc2c0cace0e0_NeikiAnalytics.exe
- Size
  
  4.9MB
- MD5
  
  1832fc67724651c62343cc2c0cace0e0
- SHA1
  
  3b8591e5879b44e827bdddb9acb759b8b7636cf2
- SHA256
  
  4299f46a0fb2aa1bf0a75de4444689a830865d7ca737a8c94e136f02a4c7b2d7
- SHA512
  
  a68b5508fb7fd7d511c16ee259a3d8fd37d4f113a0bd549ab3abe7ce0c7be2982a50448f05f06e4c94f947ed02ae37ad6a4b01c9805c995d76badf02185a2d57
- SSDEEP
  
  98304:4gIoKYKZ4DExCMTXU4INy610j43HkPTgbWE2eMB3PjdRPm:7kAIxCoOQQ60uE273
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence