3317e6851ee4b3ea33d7ee91a9e162e64805f7a1852354e5e04a8621d556cfec | Triage

Sharing

General

Target

3e0b4acf6c96177e48509ccd99a79980_NeikiAnalytics.exe
Size

435KB
Sample

240529-e1ls8abb94
MD5

3e0b4acf6c96177e48509ccd99a79980
SHA1

a9e9284c0ca2fce441b5c0b58b1975dfa128cc73
SHA256

3317e6851ee4b3ea33d7ee91a9e162e64805f7a1852354e5e04a8621d556cfec
SHA512

30ce9c413bd9e97e4432d24f6cc0bcc7430945e5489a17f7499291ce01ea612fbd1e172c2b11bb5f1ed5641cc972653d68060cf211841f46d012c58d366a97ec
SSDEEP

6144:Fz5pPCywbWGRdA6sQc/Yp7TVX3J/1awbWGRdA6sQc/Y+mjwjOx5H:FlpobWGRdA6sQhPbWGRdA6sQvjpxN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3e0b4acf6c96177e48509ccd99a79980_NeikiAnalytics.exe
- Size
  
  435KB
- MD5
  
  3e0b4acf6c96177e48509ccd99a79980
- SHA1
  
  a9e9284c0ca2fce441b5c0b58b1975dfa128cc73
- SHA256
  
  3317e6851ee4b3ea33d7ee91a9e162e64805f7a1852354e5e04a8621d556cfec
- SHA512
  
  30ce9c413bd9e97e4432d24f6cc0bcc7430945e5489a17f7499291ce01ea612fbd1e172c2b11bb5f1ed5641cc972653d68060cf211841f46d012c58d366a97ec
- SSDEEP
  
  6144:Fz5pPCywbWGRdA6sQc/Yp7TVX3J/1awbWGRdA6sQc/Y+mjwjOx5H:FlpobWGRdA6sQhPbWGRdA6sQvjpxN
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2