39ed3f053a4fcfa3693c5eab7c29180dc105c1e284bd2673b4d0806a5cca05d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39ed3f053a4fcfa3693c5eab7c29180dc105c1e284bd2673b4d0806a5cca05d0_NeikiAnalytics.exe
Size

184KB
Sample

240620-f9l11swdkp
MD5

11b8e8cfa2e0763f56fd9ea4a789df90
SHA1

d9d1ef95ac87f3891310b53b8eac6c0ddbf0a49c
SHA256

39ed3f053a4fcfa3693c5eab7c29180dc105c1e284bd2673b4d0806a5cca05d0
SHA512

f94f323a4d6a0b917c24e67a91d1754971e349f6056d630e99af2991ec09a563061b42f674cba6e98beb802486b3134ae48ef25c9f66332403e06410411db271
SSDEEP

3072:83GZG83JkacKd/vtWq2M0c1lvMqnViu5:83m3AG/vyMl1lEqnViu

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  39ed3f053a4fcfa3693c5eab7c29180dc105c1e284bd2673b4d0806a5cca05d0_NeikiAnalytics.exe
- Size
  
  184KB
- MD5
  
  11b8e8cfa2e0763f56fd9ea4a789df90
- SHA1
  
  d9d1ef95ac87f3891310b53b8eac6c0ddbf0a49c
- SHA256
  
  39ed3f053a4fcfa3693c5eab7c29180dc105c1e284bd2673b4d0806a5cca05d0
- SHA512
  
  f94f323a4d6a0b917c24e67a91d1754971e349f6056d630e99af2991ec09a563061b42f674cba6e98beb802486b3134ae48ef25c9f66332403e06410411db271
- SSDEEP
  
  3072:83GZG83JkacKd/vtWq2M0c1lvMqnViu5:83m3AG/vyMl1lEqnViu
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2