5d0d82f975080840ae283a2a1b667a5d4b5df487bf68168bcd37ee1590ae0f90 | Triage

Sharing

General

Target

34b7f8e2bb22993d52cf9090eb728b50_NeikiAnalytics.exe
Size

100KB
Sample

240604-gk41zafh27
MD5

34b7f8e2bb22993d52cf9090eb728b50
SHA1

1b4d3aeb7b7b044bdce64b7a5ab940479aca3193
SHA256

5d0d82f975080840ae283a2a1b667a5d4b5df487bf68168bcd37ee1590ae0f90
SHA512

297f4eb7620cbcd32159ec9b59703ef104de1905436fd461340edd477cb604be2d280f7b66971d27a5106f4c962f867913654967e178321437c5dde2ac020167
SSDEEP

3072:j4feCd1nMg9taZOhxO3nDc4yBtJVR9ZlpvErG3dMFR8n5j8YD:jxg9Z63nfyBtJVR9ZlpvErG3+FR6jp

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  34b7f8e2bb22993d52cf9090eb728b50_NeikiAnalytics.exe
- Size
  
  100KB
- MD5
  
  34b7f8e2bb22993d52cf9090eb728b50
- SHA1
  
  1b4d3aeb7b7b044bdce64b7a5ab940479aca3193
- SHA256
  
  5d0d82f975080840ae283a2a1b667a5d4b5df487bf68168bcd37ee1590ae0f90
- SHA512
  
  297f4eb7620cbcd32159ec9b59703ef104de1905436fd461340edd477cb604be2d280f7b66971d27a5106f4c962f867913654967e178321437c5dde2ac020167
- SSDEEP
  
  3072:j4feCd1nMg9taZOhxO3nDc4yBtJVR9ZlpvErG3dMFR8n5j8YD:jxg9Z63nfyBtJVR9ZlpvErG3+FR6jp
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2