1878b89d871103b07322b0bc4a0e1bdc7037880c4d50747a73d442d99f299e77 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a2fdc1100e3a228b76e8a20600c7710_NeikiAnalytics.exe
Size

1.3MB
Sample

240529-zdqtwahh56
MD5

2a2fdc1100e3a228b76e8a20600c7710
SHA1

1466a561c65eaa114574a3b9d654f8fbdc713884
SHA256

1878b89d871103b07322b0bc4a0e1bdc7037880c4d50747a73d442d99f299e77
SHA512

f5d9963624e89ca878c50d2946a320e756da3d0c8b2eae8ee16d9d9332106540b080b70cc76eaace8c59023a99b57668824097021834fd82aad636fd00f1a7f3
SSDEEP

6144:ReYQ5zAN3TV5m5JurE5ZC2npb+oB+Zz2HG8t0DoEWufVuvw0HBHY8rQ+6bPD3wPk:e2jm5sAbaz22cWfVaw0HBHY8r8ABjMn

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2a2fdc1100e3a228b76e8a20600c7710_NeikiAnalytics.exe
- Size
  
  1.3MB
- MD5
  
  2a2fdc1100e3a228b76e8a20600c7710
- SHA1
  
  1466a561c65eaa114574a3b9d654f8fbdc713884
- SHA256
  
  1878b89d871103b07322b0bc4a0e1bdc7037880c4d50747a73d442d99f299e77
- SHA512
  
  f5d9963624e89ca878c50d2946a320e756da3d0c8b2eae8ee16d9d9332106540b080b70cc76eaace8c59023a99b57668824097021834fd82aad636fd00f1a7f3
- SSDEEP
  
  6144:ReYQ5zAN3TV5m5JurE5ZC2npb+oB+Zz2HG8t0DoEWufVuvw0HBHY8rQ+6bPD3wPk:e2jm5sAbaz22cWfVaw0HBHY8r8ABjMn
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2