45043a669fbe3336ec75d4a7e5c8ea6887f1dc708f4dca41a6affc7d6268df59 | Triage

Sharing

General

Target

77e6ab58993b1f6e55a95bcc49ddadf0_NeikiAnalytics.exe
Size

128KB
Sample

240617-l2bszazcqn
MD5

77e6ab58993b1f6e55a95bcc49ddadf0
SHA1

7c60bb96979996eb21e2efe6f36e240c70550e6c
SHA256

45043a669fbe3336ec75d4a7e5c8ea6887f1dc708f4dca41a6affc7d6268df59
SHA512

8eebde44dcd8f50d9baec9191d3432e8e74e50f4224a86d8bcb8d8f41662decb0bd12ee6d477af189edc272b66b8231dc22e3f8f55488b1dea598c5922b4d65c
SSDEEP

3072:XrJya8ErHFntQsG62/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:tyDErJ6s54BhHmNEcYj9nhV8NCU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  77e6ab58993b1f6e55a95bcc49ddadf0_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  77e6ab58993b1f6e55a95bcc49ddadf0
- SHA1
  
  7c60bb96979996eb21e2efe6f36e240c70550e6c
- SHA256
  
  45043a669fbe3336ec75d4a7e5c8ea6887f1dc708f4dca41a6affc7d6268df59
- SHA512
  
  8eebde44dcd8f50d9baec9191d3432e8e74e50f4224a86d8bcb8d8f41662decb0bd12ee6d477af189edc272b66b8231dc22e3f8f55488b1dea598c5922b4d65c
- SSDEEP
  
  3072:XrJya8ErHFntQsG62/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:tyDErJ6s54BhHmNEcYj9nhV8NCU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2