4e369bb566375565413046bce9aeea73fea0f119cc19784a0cafcc31f592139d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e369bb566375565413046bce9aeea73fea0f119cc19784a0cafcc31f592139d_NeikiAnalytics.exe
Size

109KB
Sample

240624-hyavqazeph
MD5

3a4697a433215b494ba18567c2986940
SHA1

26c35e05b132ea11c6d70b264ba8bce7d1e69cac
SHA256

4e369bb566375565413046bce9aeea73fea0f119cc19784a0cafcc31f592139d
SHA512

d79fecb045f102cb5534d61a01c6febf15dc67a3f691fb74078e7f76d4b162d22cca541e41bf728e5c474e903f34df17f23b5d31501c124ac37428a3a234760f
SSDEEP

3072:37d7UhYjTSSJc2H8fo3PXl9Z7S/yCsKh2EzZA/z:Ld7xJc2Hgo35e/yCthvUz

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4e369bb566375565413046bce9aeea73fea0f119cc19784a0cafcc31f592139d_NeikiAnalytics.exe
- Size
  
  109KB
- MD5
  
  3a4697a433215b494ba18567c2986940
- SHA1
  
  26c35e05b132ea11c6d70b264ba8bce7d1e69cac
- SHA256
  
  4e369bb566375565413046bce9aeea73fea0f119cc19784a0cafcc31f592139d
- SHA512
  
  d79fecb045f102cb5534d61a01c6febf15dc67a3f691fb74078e7f76d4b162d22cca541e41bf728e5c474e903f34df17f23b5d31501c124ac37428a3a234760f
- SSDEEP
  
  3072:37d7UhYjTSSJc2H8fo3PXl9Z7S/yCsKh2EzZA/z:Ld7xJc2Hgo35e/yCthvUz
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2