de0d12ed64b6d37ac124f44fc5517fd88e71f4d8081ec7fc13307c8bb7f737b3 | Triage

Sharing

General

Target

21a754411c4ac5ea838c7dfd890f17c0_NeikiAnalytics.exe
Size

128KB
Sample

240602-cgbsssff68
MD5

21a754411c4ac5ea838c7dfd890f17c0
SHA1

3fd381a5939d3126072a5e004c3d5d0f3a2e89df
SHA256

de0d12ed64b6d37ac124f44fc5517fd88e71f4d8081ec7fc13307c8bb7f737b3
SHA512

9afb0e5d9a12aff287e5f2c8d1b1d7561e03754c7ce35eb051774600b946cd7d1a1d916a6efa752d090477b4e09f82b12618015887762e6d634b066478887972
SSDEEP

1536:5PdDictfpnpcA7rU6jSwKvaD7rZsRQBi5RhDxSRdRaTRc4MbbcSh4I4v5Ah1KyGt:5P5fp1PSzCDxseA57DxSvITW/cbFGS9n

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  21a754411c4ac5ea838c7dfd890f17c0_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  21a754411c4ac5ea838c7dfd890f17c0
- SHA1
  
  3fd381a5939d3126072a5e004c3d5d0f3a2e89df
- SHA256
  
  de0d12ed64b6d37ac124f44fc5517fd88e71f4d8081ec7fc13307c8bb7f737b3
- SHA512
  
  9afb0e5d9a12aff287e5f2c8d1b1d7561e03754c7ce35eb051774600b946cd7d1a1d916a6efa752d090477b4e09f82b12618015887762e6d634b066478887972
- SSDEEP
  
  1536:5PdDictfpnpcA7rU6jSwKvaD7rZsRQBi5RhDxSRdRaTRc4MbbcSh4I4v5Ah1KyGt:5P5fp1PSzCDxseA57DxSvITW/cbFGS9n
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2