2a1a0cfae648dfa5f8b54ab4bce312bb93463e48deef5832fff7487437186779 | Triage

Sharing

General

Target

2a1a0cfae648dfa5f8b54ab4bce312bb93463e48deef5832fff7487437186779_NeikiAnalytics.exe
Size

72KB
Sample

240624-btevjswglp
MD5

0add25cdde35d168fd61d1f6cbf4a0a0
SHA1

d01604554903caa42df1dcf91125c40483358638
SHA256

2a1a0cfae648dfa5f8b54ab4bce312bb93463e48deef5832fff7487437186779
SHA512

40d3837edae82ddada206398d1ca506aec681afe8dcdf6bb4d749e2ed57993c7b23a3875de830d8894fcc7d0e61a9c2f28c33207f6863223ba7b2da29676cdbd
SSDEEP

1536:smD6BS7LL1ido9yHSmBmSKmS63DgirIH:spBon1iWyHSCTKTeDgb

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  2a1a0cfae648dfa5f8b54ab4bce312bb93463e48deef5832fff7487437186779_NeikiAnalytics.exe
- Size
  
  72KB
- MD5
  
  0add25cdde35d168fd61d1f6cbf4a0a0
- SHA1
  
  d01604554903caa42df1dcf91125c40483358638
- SHA256
  
  2a1a0cfae648dfa5f8b54ab4bce312bb93463e48deef5832fff7487437186779
- SHA512
  
  40d3837edae82ddada206398d1ca506aec681afe8dcdf6bb4d749e2ed57993c7b23a3875de830d8894fcc7d0e61a9c2f28c33207f6863223ba7b2da29676cdbd
- SSDEEP
  
  1536:smD6BS7LL1ido9yHSmBmSKmS63DgirIH:spBon1iWyHSCTKTeDgb
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2