7f1a52cac35549b240ccc2c55608b8ed1446e1ac9f77420190bb85b10295db82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3787b4f8caa5f6886e503635a23a4110_NeikiAnalytics.exe
Size

615KB
Sample

240528-hnqheshh9t
MD5

3787b4f8caa5f6886e503635a23a4110
SHA1

87ac87e3c5b2b0d0a4eccff83752aa793e39a690
SHA256

7f1a52cac35549b240ccc2c55608b8ed1446e1ac9f77420190bb85b10295db82
SHA512

ec588d6628c1bc80b8de9664473451aff59624a48dd638ad067b7a1ae5a7393f4e4be8cc4d715a7dd2808bab0a9bb91c24bf3bc706a325951873728fcf67bec9
SSDEEP

12288:wlbF+Waplw9U+qMi8CtdVldusIh6BBHCHrKZXCktSzIzWpX54:WbF+NYTqMi8CtBd2QHCHmTBW54

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3787b4f8caa5f6886e503635a23a4110_NeikiAnalytics.exe
- Size
  
  615KB
- MD5
  
  3787b4f8caa5f6886e503635a23a4110
- SHA1
  
  87ac87e3c5b2b0d0a4eccff83752aa793e39a690
- SHA256
  
  7f1a52cac35549b240ccc2c55608b8ed1446e1ac9f77420190bb85b10295db82
- SHA512
  
  ec588d6628c1bc80b8de9664473451aff59624a48dd638ad067b7a1ae5a7393f4e4be8cc4d715a7dd2808bab0a9bb91c24bf3bc706a325951873728fcf67bec9
- SSDEEP
  
  12288:wlbF+Waplw9U+qMi8CtdVldusIh6BBHCHrKZXCktSzIzWpX54:WbF+NYTqMi8CtBd2QHCHmTBW54
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2