5485c599208ed5180b4c567c2a9b7f71fd0773be37c5ae6a42b69a5d29a19dcf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f91102f1380708c41e5859fe5cf3cc00_NeikiAnalytics.exe
Size

94KB
Sample

240530-k5rg6adf87
MD5

f91102f1380708c41e5859fe5cf3cc00
SHA1

267546a163454facde0f7a597dff01826b8225f5
SHA256

5485c599208ed5180b4c567c2a9b7f71fd0773be37c5ae6a42b69a5d29a19dcf
SHA512

504549ea7807f6888e140034cf4bb63afb3cbff804bdc1bfa76115e5c742c6f78174c3acb30fa93fe4f18be5ed40a40b7cd050b6d5249c7f9304fe843bb589cf
SSDEEP

1536:vgdmLwu2C0gFk8Ax63lfvomB0Clwnu+k5ZvAGawjh3FNAwLYZJe28Xmd+7BR9L45:ocLbpkpx6VfQmB0Clwnu+k5ZYGxtAwLg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f91102f1380708c41e5859fe5cf3cc00_NeikiAnalytics.exe
- Size
  
  94KB
- MD5
  
  f91102f1380708c41e5859fe5cf3cc00
- SHA1
  
  267546a163454facde0f7a597dff01826b8225f5
- SHA256
  
  5485c599208ed5180b4c567c2a9b7f71fd0773be37c5ae6a42b69a5d29a19dcf
- SHA512
  
  504549ea7807f6888e140034cf4bb63afb3cbff804bdc1bfa76115e5c742c6f78174c3acb30fa93fe4f18be5ed40a40b7cd050b6d5249c7f9304fe843bb589cf
- SSDEEP
  
  1536:vgdmLwu2C0gFk8Ax63lfvomB0Clwnu+k5ZvAGawjh3FNAwLYZJe28Xmd+7BR9L45:ocLbpkpx6VfQmB0Clwnu+k5ZYGxtAwLg
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2