af72efeefe6c654e60138aa5259f783d1221ebac6b90262f4b1deb62127b2148 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a9dba9fa4ad8953ea49f0e836be5c20_NeikiAnalytics.exe
Size

149KB
Sample

240607-fw642abc54
MD5

3a9dba9fa4ad8953ea49f0e836be5c20
SHA1

cedf88f719df05c0a800cacb030fd9dcf2387dad
SHA256

af72efeefe6c654e60138aa5259f783d1221ebac6b90262f4b1deb62127b2148
SHA512

eba152f4570dce39e7e4e0ad473e95a9988987e9e92765601e9b724be8cc7d91ecd0f034df1640e7bbf1bdbbe344706e6925e45944b16a9f38fb83c10de080dd
SSDEEP

3072:2pBvXEzYmorfUc4Gua+I9QsybXtc9acBR6Hcb1pRR7bbxgfKaNAmXjTi1StNm64m:OWz2Hz9QH69acBBb1TVbbxgfdvXjTY3m

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  3a9dba9fa4ad8953ea49f0e836be5c20_NeikiAnalytics.exe
- Size
  
  149KB
- MD5
  
  3a9dba9fa4ad8953ea49f0e836be5c20
- SHA1
  
  cedf88f719df05c0a800cacb030fd9dcf2387dad
- SHA256
  
  af72efeefe6c654e60138aa5259f783d1221ebac6b90262f4b1deb62127b2148
- SHA512
  
  eba152f4570dce39e7e4e0ad473e95a9988987e9e92765601e9b724be8cc7d91ecd0f034df1640e7bbf1bdbbe344706e6925e45944b16a9f38fb83c10de080dd
- SSDEEP
  
  3072:2pBvXEzYmorfUc4Gua+I9QsybXtc9acBR6Hcb1pRR7bbxgfKaNAmXjTi1StNm64m:OWz2Hz9QH69acBBb1TVbbxgfdvXjTY3m
Score

8^/10

persistence upx
- Modifies AppInit DLL entries
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2