1c8f4f8d09fb49f2707633b4930c20f444de4413ff79d510e78c72dceb5d7d7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c8f4f8d09fb49f2707633b4930c20f444de4413ff79d510e78c72dceb5d7d7e_NeikiAnalytics.exe
Size

161KB
Sample

240620-amq4kashpk
MD5

49234d21c713c0b59e02c8fb20f20cf0
SHA1

694d0303c19e3c0fe8dd48ac4df0f0132ff3419d
SHA256

1c8f4f8d09fb49f2707633b4930c20f444de4413ff79d510e78c72dceb5d7d7e
SHA512

61e30ba09dea8d7a8e0798e992c31c5568c835e2139efa0909901e92f0dbdc9a6fe3e606e128429e4985eec603f58d2365c3ed3ede7760e6b033d44845d2b715
SSDEEP

3072:PRbgKbEE5E1OYI5LkrVwtCJXeex7rrIRZK8K8/kvV:pgKbWotLkrVwtmeetrIyRV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1c8f4f8d09fb49f2707633b4930c20f444de4413ff79d510e78c72dceb5d7d7e_NeikiAnalytics.exe
- Size
  
  161KB
- MD5
  
  49234d21c713c0b59e02c8fb20f20cf0
- SHA1
  
  694d0303c19e3c0fe8dd48ac4df0f0132ff3419d
- SHA256
  
  1c8f4f8d09fb49f2707633b4930c20f444de4413ff79d510e78c72dceb5d7d7e
- SHA512
  
  61e30ba09dea8d7a8e0798e992c31c5568c835e2139efa0909901e92f0dbdc9a6fe3e606e128429e4985eec603f58d2365c3ed3ede7760e6b033d44845d2b715
- SSDEEP
  
  3072:PRbgKbEE5E1OYI5LkrVwtCJXeex7rrIRZK8K8/kvV:pgKbWotLkrVwtmeetrIyRV
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2