5b03fab70a59528eabeea74e4c3b3b4c123ebfcbe9c30474f9ff69d37f684755 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b03fab70a59528eabeea74e4c3b3b4c123ebfcbe9c30474f9ff69d37f684755_NeikiAnalytics.exe
Size

128KB
Sample

240624-kym66athkf
MD5

daa5a862cffcb107cafeeabf6c692090
SHA1

1eabc7c17295bf9e25484c9e43a6379c4a48cefd
SHA256

5b03fab70a59528eabeea74e4c3b3b4c123ebfcbe9c30474f9ff69d37f684755
SHA512

d13c67d22c7b06dde728fb8b26a7c3357d45e9a1f30aa7317fd0262c39c92f022964c2e884cdda8e555ae04d20ca3d33d9b1b3bd9b7996e302dd4921ee3fb809
SSDEEP

3072:S9WbslrGo8j0v/0oyXPyTRhg808uFafmHURHAVgnvedh6:Si+8jVPyTRW808uF8YU8gnve7

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5b03fab70a59528eabeea74e4c3b3b4c123ebfcbe9c30474f9ff69d37f684755_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  daa5a862cffcb107cafeeabf6c692090
- SHA1
  
  1eabc7c17295bf9e25484c9e43a6379c4a48cefd
- SHA256
  
  5b03fab70a59528eabeea74e4c3b3b4c123ebfcbe9c30474f9ff69d37f684755
- SHA512
  
  d13c67d22c7b06dde728fb8b26a7c3357d45e9a1f30aa7317fd0262c39c92f022964c2e884cdda8e555ae04d20ca3d33d9b1b3bd9b7996e302dd4921ee3fb809
- SSDEEP
  
  3072:S9WbslrGo8j0v/0oyXPyTRhg808uFafmHURHAVgnvedh6:Si+8jVPyTRW808uF8YU8gnve7
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2