4a0059277ce994b7baf1955a1a1136f263dac80792b9bf18a2ee6defe4a2a474 | Triage

Sharing

General

Target

4361714d82539f50e5c2e29497c8d980_NeikiAnalytics.exe
Size

522KB
Sample

240618-pa1vkasfnd
MD5

4361714d82539f50e5c2e29497c8d980
SHA1

27fd129a4b32c8ddb0dbb4dc80989a0889a5cb89
SHA256

4a0059277ce994b7baf1955a1a1136f263dac80792b9bf18a2ee6defe4a2a474
SHA512

7a83d1f0dd2617a79b5cfa708e49ef46406fe49f2dbc14aec2d0b9d5a2fdff4d45609f758f8732e6f2fc9538450dab4e4d30835cb273d98ad301e3f4c8fb4b1d
SSDEEP

12288:Yv51uQ6qmKxUijEW4BMgzoc5kHDO6Tf2H6acxS:RCmKxUiKCxO6D2aaB

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  4361714d82539f50e5c2e29497c8d980_NeikiAnalytics.exe
- Size
  
  522KB
- MD5
  
  4361714d82539f50e5c2e29497c8d980
- SHA1
  
  27fd129a4b32c8ddb0dbb4dc80989a0889a5cb89
- SHA256
  
  4a0059277ce994b7baf1955a1a1136f263dac80792b9bf18a2ee6defe4a2a474
- SHA512
  
  7a83d1f0dd2617a79b5cfa708e49ef46406fe49f2dbc14aec2d0b9d5a2fdff4d45609f758f8732e6f2fc9538450dab4e4d30835cb273d98ad301e3f4c8fb4b1d
- SSDEEP
  
  12288:Yv51uQ6qmKxUijEW4BMgzoc5kHDO6Tf2H6acxS:RCmKxUiKCxO6D2aaB
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation