2a66b5b52b6963eb5f7e5cc1b284581a8b81fec66ddab5075562cf3b7bccff13 | Triage

Sharing

General

Target

e401664f98452cba3374f52387cd6f70_NeikiAnalytics.exe
Size

108KB
Sample

240531-xaldwaha7z
MD5

e401664f98452cba3374f52387cd6f70
SHA1

92ca6109d83a62dae89f28c0103825ffa53490ec
SHA256

2a66b5b52b6963eb5f7e5cc1b284581a8b81fec66ddab5075562cf3b7bccff13
SHA512

5d9fab03418e6b4e8011cd3e343d2d750bf071f91bc18c6da19986ca11f8f5b3a22c0f3886f0c8cee49dcac4f9057383d16c4178ade02a8ad47eb8ba0512fe6e
SSDEEP

3072:d8vpuFe3fCwansHnfHgZRJ8ln7cOoUFcFmKcUsvKwF:d8B+e3fCwVHfHg9W7cOowUs

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e401664f98452cba3374f52387cd6f70_NeikiAnalytics.exe
- Size
  
  108KB
- MD5
  
  e401664f98452cba3374f52387cd6f70
- SHA1
  
  92ca6109d83a62dae89f28c0103825ffa53490ec
- SHA256
  
  2a66b5b52b6963eb5f7e5cc1b284581a8b81fec66ddab5075562cf3b7bccff13
- SHA512
  
  5d9fab03418e6b4e8011cd3e343d2d750bf071f91bc18c6da19986ca11f8f5b3a22c0f3886f0c8cee49dcac4f9057383d16c4178ade02a8ad47eb8ba0512fe6e
- SSDEEP
  
  3072:d8vpuFe3fCwansHnfHgZRJ8ln7cOoUFcFmKcUsvKwF:d8B+e3fCwVHfHg9W7cOowUs
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2