b5afbbab1880f4443a56282ee3a21915c64403288715951121e887ea1f48cacc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16d0d3f8e8bbb9a00881bcdf6e0bc1e0_NeikiAnalytics.exe
Size

73KB
Sample

240612-chyc7aydlc
MD5

16d0d3f8e8bbb9a00881bcdf6e0bc1e0
SHA1

d4aaa0239311389d173639590f9f31df03c2e5f0
SHA256

b5afbbab1880f4443a56282ee3a21915c64403288715951121e887ea1f48cacc
SHA512

900037f09bba4f9dff9fac4a375a94b8a54371f2eda2ff55564f7862ffeac73680f5ad3087365b6a4c05854eaa6edde714735f84e99ccc65cf9b8a901d3a84c9
SSDEEP

1536:L1RibqgIYk0PwplMif8Dbq1eNTAwkK5YMkhohBM:ZRiFkIwplXf8DSeNTc2UAM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  16d0d3f8e8bbb9a00881bcdf6e0bc1e0_NeikiAnalytics.exe
- Size
  
  73KB
- MD5
  
  16d0d3f8e8bbb9a00881bcdf6e0bc1e0
- SHA1
  
  d4aaa0239311389d173639590f9f31df03c2e5f0
- SHA256
  
  b5afbbab1880f4443a56282ee3a21915c64403288715951121e887ea1f48cacc
- SHA512
  
  900037f09bba4f9dff9fac4a375a94b8a54371f2eda2ff55564f7862ffeac73680f5ad3087365b6a4c05854eaa6edde714735f84e99ccc65cf9b8a901d3a84c9
- SSDEEP
  
  1536:L1RibqgIYk0PwplMif8Dbq1eNTAwkK5YMkhohBM:ZRiFkIwplXf8DSeNTc2UAM
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2