9ac1f725dc5cdb1896340fa4e6522bdf92a291e5feb0d3ede8c8e993bd28207a | Triage

Sharing

General

Target

9ac1f725dc5cdb1896340fa4e6522bdf92a291e5feb0d3ede8c8e993bd28207a_NeikiAnalytics.exe
Size

768KB
Sample

240624-wyr1wsyhpj
MD5

17ef27c426efdd0ce20373c5f5e897b0
SHA1

aa6b2de02ef42f301543405cf27a91d94b87dee0
SHA256

9ac1f725dc5cdb1896340fa4e6522bdf92a291e5feb0d3ede8c8e993bd28207a
SHA512

a21fbdccce659c948277d676d21d22185bca580601d6437a7d83c9a4e4c50b37e16792d37847f51ef01df35353311e59befad3f15a29e537b632c947ec0f1275
SSDEEP

12288:MmvvW6IvYvc6IveDVqvQ6IvTPh2kkkkK4kXkkkkkkkkl888888888888888888nd:c3q5hPPh2kkkkK4kXkkkkkkkkH

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9ac1f725dc5cdb1896340fa4e6522bdf92a291e5feb0d3ede8c8e993bd28207a_NeikiAnalytics.exe
- Size
  
  768KB
- MD5
  
  17ef27c426efdd0ce20373c5f5e897b0
- SHA1
  
  aa6b2de02ef42f301543405cf27a91d94b87dee0
- SHA256
  
  9ac1f725dc5cdb1896340fa4e6522bdf92a291e5feb0d3ede8c8e993bd28207a
- SHA512
  
  a21fbdccce659c948277d676d21d22185bca580601d6437a7d83c9a4e4c50b37e16792d37847f51ef01df35353311e59befad3f15a29e537b632c947ec0f1275
- SSDEEP
  
  12288:MmvvW6IvYvc6IveDVqvQ6IvTPh2kkkkK4kXkkkkkkkkl888888888888888888nd:c3q5hPPh2kkkkK4kXkkkkkkkkH
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2