3df50503efdee22423c1e0317384e529ef6114f6b78200459b915524e4dc436c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e2b9a56c30e11d01a57c101c799f2c0_NeikiAnalytics.exe
Size

479KB
Sample

240617-dtln7swcrm
MD5

3e2b9a56c30e11d01a57c101c799f2c0
SHA1

44878d85f77791c3d4fe6c7169aa6e93af4899bd
SHA256

3df50503efdee22423c1e0317384e529ef6114f6b78200459b915524e4dc436c
SHA512

5f27aaa8c13692e4b7de04ba7f68750ccdb4677bfe8de6172246a7cf61384ee55e1ad43e9f338ae12e8dd87cd4b685cc1e058beac4edc522f81956d5d17facfc
SSDEEP

6144:ALCp9b0BheIRJ6EQnT2leTLgNPx33fpu2leTLg:Pj0ZRJ6EQ6Q2drQ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3e2b9a56c30e11d01a57c101c799f2c0_NeikiAnalytics.exe
- Size
  
  479KB
- MD5
  
  3e2b9a56c30e11d01a57c101c799f2c0
- SHA1
  
  44878d85f77791c3d4fe6c7169aa6e93af4899bd
- SHA256
  
  3df50503efdee22423c1e0317384e529ef6114f6b78200459b915524e4dc436c
- SHA512
  
  5f27aaa8c13692e4b7de04ba7f68750ccdb4677bfe8de6172246a7cf61384ee55e1ad43e9f338ae12e8dd87cd4b685cc1e058beac4edc522f81956d5d17facfc
- SSDEEP
  
  6144:ALCp9b0BheIRJ6EQnT2leTLgNPx33fpu2leTLg:Pj0ZRJ6EQ6Q2drQ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2