66b03cf0f39a60984e002a47d76f9fab3d19d149a4bdfd5d1580c37d26fd58e9 | Triage

Sharing

General

Target

66b03cf0f39a60984e002a47d76f9fab3d19d149a4bdfd5d1580c37d26fd58e9_NeikiAnalytics.exe
Size

295KB
Sample

240625-qwxwgawcmk
MD5

cb8fc03f6449a8583f0d99f1ebc5eec0
SHA1

9b21f4cf8dc3b153291865a8826ca0498dc074c8
SHA256

66b03cf0f39a60984e002a47d76f9fab3d19d149a4bdfd5d1580c37d26fd58e9
SHA512

de09f84d9278b781961b126e8cc5727f3bbd70d535326cc38b962607b08dd5877aeeda468818388394934e3cfbe570852407d650e7e098ee06fc4fd1c0161e8e
SSDEEP

6144:gRt7JeURyC30t51PY1PRe19V+tbFOLM77OLY:EWFE0n6fe0tsNM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  66b03cf0f39a60984e002a47d76f9fab3d19d149a4bdfd5d1580c37d26fd58e9_NeikiAnalytics.exe
- Size
  
  295KB
- MD5
  
  cb8fc03f6449a8583f0d99f1ebc5eec0
- SHA1
  
  9b21f4cf8dc3b153291865a8826ca0498dc074c8
- SHA256
  
  66b03cf0f39a60984e002a47d76f9fab3d19d149a4bdfd5d1580c37d26fd58e9
- SHA512
  
  de09f84d9278b781961b126e8cc5727f3bbd70d535326cc38b962607b08dd5877aeeda468818388394934e3cfbe570852407d650e7e098ee06fc4fd1c0161e8e
- SSDEEP
  
  6144:gRt7JeURyC30t51PY1PRe19V+tbFOLM77OLY:EWFE0n6fe0tsNM
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2