46758b572170c5b64798eae80f34c09a6745b50f16df2c740d566c2659b69ddf | Triage

Sharing

General

Target

46758b572170c5b64798eae80f34c09a6745b50f16df2c740d566c2659b69ddf_NeikiAnalytics.exe
Size

199KB
Sample

240620-jk35sawgmh
MD5

43db34bc26228deaacf28c03de8c4400
SHA1

d3aeb6c2a805282a807a97b635a43a30b5014391
SHA256

46758b572170c5b64798eae80f34c09a6745b50f16df2c740d566c2659b69ddf
SHA512

f88da0a2e4b53e10e0adb5879c81f8ab952921f83c46e854635720748664323e0d157e0146d075a9c4b65aa2289923425afb696b90ef65ecb1b1743d1d30f599
SSDEEP

3072:dTjOM5/T56eS5DSCopsIm81+jq2832dp5Xp+7+10K03Rq/ghavVQXxFaPsRbh:d24geSZSCZj81+jq4peBK034YOmFz1h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  46758b572170c5b64798eae80f34c09a6745b50f16df2c740d566c2659b69ddf_NeikiAnalytics.exe
- Size
  
  199KB
- MD5
  
  43db34bc26228deaacf28c03de8c4400
- SHA1
  
  d3aeb6c2a805282a807a97b635a43a30b5014391
- SHA256
  
  46758b572170c5b64798eae80f34c09a6745b50f16df2c740d566c2659b69ddf
- SHA512
  
  f88da0a2e4b53e10e0adb5879c81f8ab952921f83c46e854635720748664323e0d157e0146d075a9c4b65aa2289923425afb696b90ef65ecb1b1743d1d30f599
- SSDEEP
  
  3072:dTjOM5/T56eS5DSCopsIm81+jq2832dp5Xp+7+10K03Rq/ghavVQXxFaPsRbh:d24geSZSCZj81+jq4peBK034YOmFz1h
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2