18e1041e875dcf54e71d511f3a09835f54ff3bd27406df6faed1073761c0996d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18e1041e875dcf54e71d511f3a09835f54ff3bd27406df6faed1073761c0996d_NeikiAnalytics.exe
Size

55KB
Sample

240625-a6whdsvbql
MD5

be26db4f753e9292bf478861f3f2fbe0
SHA1

6a74c5cf6cf0f876128cd257353a593ad0bb9afb
SHA256

18e1041e875dcf54e71d511f3a09835f54ff3bd27406df6faed1073761c0996d
SHA512

99fe4063c110ae0c078d23deb1e42dfebf51966414e7ee7e4da7ce196c8ec49a6c0c04036ccf435a45c0404939c4c83a1bc36fdd1a6eab72bc04e314e72d90df
SSDEEP

1536:d4oHIQIogjnc8LPwTlKZl6D7xT/zAOVf9ZkBxkGNiih:dIQCjc9l/nf9ZknkMh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  18e1041e875dcf54e71d511f3a09835f54ff3bd27406df6faed1073761c0996d_NeikiAnalytics.exe
- Size
  
  55KB
- MD5
  
  be26db4f753e9292bf478861f3f2fbe0
- SHA1
  
  6a74c5cf6cf0f876128cd257353a593ad0bb9afb
- SHA256
  
  18e1041e875dcf54e71d511f3a09835f54ff3bd27406df6faed1073761c0996d
- SHA512
  
  99fe4063c110ae0c078d23deb1e42dfebf51966414e7ee7e4da7ce196c8ec49a6c0c04036ccf435a45c0404939c4c83a1bc36fdd1a6eab72bc04e314e72d90df
- SSDEEP
  
  1536:d4oHIQIogjnc8LPwTlKZl6D7xT/zAOVf9ZkBxkGNiih:dIQCjc9l/nf9ZknkMh
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2