f02d3d53bcb5d62b8a1ff3f3314676e170645afef4ff5ffe7841bfbb9ab2e7d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00d003e7f2a95ee27c38ae2814324130_NeikiAnalytics.exe
Size

259KB
Sample

240601-11wjbaha62
MD5

00d003e7f2a95ee27c38ae2814324130
SHA1

7e64b7601b174d2e8c911ab5af0551dfcd75a663
SHA256

f02d3d53bcb5d62b8a1ff3f3314676e170645afef4ff5ffe7841bfbb9ab2e7d5
SHA512

c66ba553f35b5305ffa407adb977f11b1053ddc387c4237b504a9d9b9de680679ebf1f21318736bf820a271b69e9ddcdafca5f762897ac80e859edbe612c0a92
SSDEEP

3072:Hyx3nzjMgiNIamsJ9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5s:HyljMbNCssDshsrYIcm4FmowdHoSa

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  00d003e7f2a95ee27c38ae2814324130_NeikiAnalytics.exe
- Size
  
  259KB
- MD5
  
  00d003e7f2a95ee27c38ae2814324130
- SHA1
  
  7e64b7601b174d2e8c911ab5af0551dfcd75a663
- SHA256
  
  f02d3d53bcb5d62b8a1ff3f3314676e170645afef4ff5ffe7841bfbb9ab2e7d5
- SHA512
  
  c66ba553f35b5305ffa407adb977f11b1053ddc387c4237b504a9d9b9de680679ebf1f21318736bf820a271b69e9ddcdafca5f762897ac80e859edbe612c0a92
- SSDEEP
  
  3072:Hyx3nzjMgiNIamsJ9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5s:HyljMbNCssDshsrYIcm4FmowdHoSa
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2