297cc4d0bb142b0a0b379b1e5d9881a1b37af9ab40e3a438de50726403cb7f71 | Triage

Sharing

General

Target

297cc4d0bb142b0a0b379b1e5d9881a1b37af9ab40e3a438de50726403cb7f71_NeikiAnalytics.exe
Size

240KB
Sample

240625-d4q2nsycnc
MD5

4a4d99d3547371701563f47e5cc41dd0
SHA1

b94c5d6e417ab34ec4bc5bba39c99dddea5fe11a
SHA256

297cc4d0bb142b0a0b379b1e5d9881a1b37af9ab40e3a438de50726403cb7f71
SHA512

9a8648f186be688d15c55b1fb194ae8b7b1594cf786429094c7fc0db415e171442b3b64aa7fa79381d3aca3f5f6baee6b04d9d762aaa112b897be9468e993e65
SSDEEP

6144:4gOTV9jdQoPEcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:4gyDpDPtycSly8DSUA1YHVD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  297cc4d0bb142b0a0b379b1e5d9881a1b37af9ab40e3a438de50726403cb7f71_NeikiAnalytics.exe
- Size
  
  240KB
- MD5
  
  4a4d99d3547371701563f47e5cc41dd0
- SHA1
  
  b94c5d6e417ab34ec4bc5bba39c99dddea5fe11a
- SHA256
  
  297cc4d0bb142b0a0b379b1e5d9881a1b37af9ab40e3a438de50726403cb7f71
- SHA512
  
  9a8648f186be688d15c55b1fb194ae8b7b1594cf786429094c7fc0db415e171442b3b64aa7fa79381d3aca3f5f6baee6b04d9d762aaa112b897be9468e993e65
- SSDEEP
  
  6144:4gOTV9jdQoPEcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:4gyDpDPtycSly8DSUA1YHVD
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2