40c14d35872b2e587062c58dc33debc0ccb12bad003b478a91da12c4e3c31f5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40c14d35872b2e587062c58dc33debc0ccb12bad003b478a91da12c4e3c31f5f_NeikiAnalytics.exe
Size

2.5MB
Sample

240624-fnfxwa1dlm
MD5

0aef6faa10c7ce2a5906ad51fa84b3f0
SHA1

1b367f5b0091d50b3ecc4518b4615b71072d25e5
SHA256

40c14d35872b2e587062c58dc33debc0ccb12bad003b478a91da12c4e3c31f5f
SHA512

e3ea7fd5843b3fd877de575cf8dc5604cd848ba3b432335207278b616af39a54ac5ea914b4fd5efb2d8f231921cc6d3b3dfebbd98bdd43d843226ce949ca4d8d
SSDEEP

49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBb9w4S:+R0pI/IQlUoMPdmpSpL4

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  40c14d35872b2e587062c58dc33debc0ccb12bad003b478a91da12c4e3c31f5f_NeikiAnalytics.exe
- Size
  
  2.5MB
- MD5
  
  0aef6faa10c7ce2a5906ad51fa84b3f0
- SHA1
  
  1b367f5b0091d50b3ecc4518b4615b71072d25e5
- SHA256
  
  40c14d35872b2e587062c58dc33debc0ccb12bad003b478a91da12c4e3c31f5f
- SHA512
  
  e3ea7fd5843b3fd877de575cf8dc5604cd848ba3b432335207278b616af39a54ac5ea914b4fd5efb2d8f231921cc6d3b3dfebbd98bdd43d843226ce949ca4d8d
- SSDEEP
  
  49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBb9w4S:+R0pI/IQlUoMPdmpSpL4
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2