082db95537e0879ba0e98c5ad403cff2e2115c9759f0900b702da3d9a12dae60 | Triage

Sharing

General

Target

4f794953cfa01e8b0fbc7ef33a8a0400_NeikiAnalytics.exe
Size

128KB
Sample

240529-llvk5sba59
MD5

4f794953cfa01e8b0fbc7ef33a8a0400
SHA1

68dd67e1cd02ba9873e1f61f836a53d7eee7e265
SHA256

082db95537e0879ba0e98c5ad403cff2e2115c9759f0900b702da3d9a12dae60
SHA512

17cd0a5e42afa6699a0363655eee2e9f36878aac9bd88d93fb4eb65cf2749c3e90b44ba715c771331bbd15b63cdd7656423c937f28256427c977ff4860be0977
SSDEEP

3072:+wbCLN5xkTMK3CsfHKd9mMVu5b2Flz0ZRCOXymn1lqkKv2outkTy2o:+wKmmaHTs2oSkTlo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4f794953cfa01e8b0fbc7ef33a8a0400_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  4f794953cfa01e8b0fbc7ef33a8a0400
- SHA1
  
  68dd67e1cd02ba9873e1f61f836a53d7eee7e265
- SHA256
  
  082db95537e0879ba0e98c5ad403cff2e2115c9759f0900b702da3d9a12dae60
- SHA512
  
  17cd0a5e42afa6699a0363655eee2e9f36878aac9bd88d93fb4eb65cf2749c3e90b44ba715c771331bbd15b63cdd7656423c937f28256427c977ff4860be0977
- SSDEEP
  
  3072:+wbCLN5xkTMK3CsfHKd9mMVu5b2Flz0ZRCOXymn1lqkKv2outkTy2o:+wKmmaHTs2oSkTlo
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2