8b1223c4eabde17c21e23c8db5435da8838087f610023114fa2e003e743ea9bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4837f62f773751f282f069802550f370_NeikiAnalytics.exe
Size

207KB
Sample

240617-e189hsybmp
MD5

4837f62f773751f282f069802550f370
SHA1

e0b5a7d897f9777f07a4f707f015e04eb1570590
SHA256

8b1223c4eabde17c21e23c8db5435da8838087f610023114fa2e003e743ea9bc
SHA512

6756125f7a3778ad6d055574844b940aff7d29a7c39fa985cacb1019ce5c47fe074fd17e041c20e5ff7857cf5263a0a22be51fe9322587b0f37a3466a6996d76
SSDEEP

3072:zWIVSAMAa5+Kk0lhVjoSdoxx4KcWmjRrzyAyAtWgoJSWYVo2ASOvojoS:zFdMX5+4hVjj+VPj92d62ASOwj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4837f62f773751f282f069802550f370_NeikiAnalytics.exe
- Size
  
  207KB
- MD5
  
  4837f62f773751f282f069802550f370
- SHA1
  
  e0b5a7d897f9777f07a4f707f015e04eb1570590
- SHA256
  
  8b1223c4eabde17c21e23c8db5435da8838087f610023114fa2e003e743ea9bc
- SHA512
  
  6756125f7a3778ad6d055574844b940aff7d29a7c39fa985cacb1019ce5c47fe074fd17e041c20e5ff7857cf5263a0a22be51fe9322587b0f37a3466a6996d76
- SSDEEP
  
  3072:zWIVSAMAa5+Kk0lhVjoSdoxx4KcWmjRrzyAyAtWgoJSWYVo2ASOvojoS:zFdMX5+4hVjj+VPj92d62ASOwj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2