6b0970631b396193918c4f016d350b3352292675d2ee558a794e1b318c8a6f11 | Triage

Sharing

General

Target

6b0970631b396193918c4f016d350b3352292675d2ee558a794e1b318c8a6f11_NeikiAnalytics.exe
Size

368KB
Sample

240624-nh1zvstakm
MD5

be122e7bf22eab8de6bac5e064f73470
SHA1

e89600374d301762638edcb6018c2f69f5f082bd
SHA256

6b0970631b396193918c4f016d350b3352292675d2ee558a794e1b318c8a6f11
SHA512

77b9c440e0712e8de8f4ebc10d37b373f453f7e4860d8733dcb3e32fb83f5ac2eef627b2cf9c0e74795dd00eb5cde4c9ca67314196a6facb57d53308ce4427e3
SSDEEP

6144:tgOWymWXiVIGFM6234lKm3mo8Yvi4KsLTFM6234lKm3r8SeNpgdyuH1lh:t3WyihFB24lwR45FB24lJ87gj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6b0970631b396193918c4f016d350b3352292675d2ee558a794e1b318c8a6f11_NeikiAnalytics.exe
- Size
  
  368KB
- MD5
  
  be122e7bf22eab8de6bac5e064f73470
- SHA1
  
  e89600374d301762638edcb6018c2f69f5f082bd
- SHA256
  
  6b0970631b396193918c4f016d350b3352292675d2ee558a794e1b318c8a6f11
- SHA512
  
  77b9c440e0712e8de8f4ebc10d37b373f453f7e4860d8733dcb3e32fb83f5ac2eef627b2cf9c0e74795dd00eb5cde4c9ca67314196a6facb57d53308ce4427e3
- SSDEEP
  
  6144:tgOWymWXiVIGFM6234lKm3mo8Yvi4KsLTFM6234lKm3r8SeNpgdyuH1lh:t3WyihFB24lwR45FB24lJ87gj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2