071b1e99af09b93b9f174003adf19545eeca982d2cfa94da8f2276fd0a99c889 | Triage

Sharing

General

Target

709277220bb33f317b3fab7202799cb0_NeikiAnalytics.exe
Size

3.0MB
Sample

240617-k3z2hsxglp
MD5

709277220bb33f317b3fab7202799cb0
SHA1

b8f279be36a365c6ca1f14b84a94d46a7d2e1b02
SHA256

071b1e99af09b93b9f174003adf19545eeca982d2cfa94da8f2276fd0a99c889
SHA512

6e545146971f3423dca871c4b1f32a71c50875689dd9be54fe2fedda07c4bc900bf39f3a7579024865986ba0d90c901dee4dd90039e9d742747d47c510feaccc
SSDEEP

49152:sNKCNMzi/hUtlii+e1W2MczIxkNe8DZ93RQAYPENeG9/cPROKsoMn:yKuMzi/hKliu1Ux0e8DZbzd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  709277220bb33f317b3fab7202799cb0_NeikiAnalytics.exe
- Size
  
  3.0MB
- MD5
  
  709277220bb33f317b3fab7202799cb0
- SHA1
  
  b8f279be36a365c6ca1f14b84a94d46a7d2e1b02
- SHA256
  
  071b1e99af09b93b9f174003adf19545eeca982d2cfa94da8f2276fd0a99c889
- SHA512
  
  6e545146971f3423dca871c4b1f32a71c50875689dd9be54fe2fedda07c4bc900bf39f3a7579024865986ba0d90c901dee4dd90039e9d742747d47c510feaccc
- SSDEEP
  
  49152:sNKCNMzi/hUtlii+e1W2MczIxkNe8DZ93RQAYPENeG9/cPROKsoMn:yKuMzi/hKliu1Ux0e8DZbzd
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence