052bdad2d16c17e38da8a94a830c9a1696dc09c168ba9cb1c6416d38e05e41a3 | Triage

Sharing

General

Target

052bdad2d16c17e38da8a94a830c9a1696dc09c168ba9cb1c6416d38e05e41a3_NeikiAnalytics.exe
Size

1.2MB
Sample

240625-yqfc8sscqp
MD5

540233dc5d9b672af783be12ea4b0ad0
SHA1

ec0f5f776caa0b519380a7bc8e031afd9689fa5c
SHA256

052bdad2d16c17e38da8a94a830c9a1696dc09c168ba9cb1c6416d38e05e41a3
SHA512

583ad8f7a00cee8a9979e5f43423d39948103d2b136231defa747939d7124279825430ce82d0d515bb24da045dfb52197f3daf780505e68bf94eb9545eea0390
SSDEEP

6144:r9+DhkJD3e/Icl4yjThipmMH/gysNkvC8vA+XTv7FYUwMOFusQ+kJ3StWDKcGVol:cIsFv4pnsKvNA+XTvZHWuEo3oW2to

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  052bdad2d16c17e38da8a94a830c9a1696dc09c168ba9cb1c6416d38e05e41a3_NeikiAnalytics.exe
- Size
  
  1.2MB
- MD5
  
  540233dc5d9b672af783be12ea4b0ad0
- SHA1
  
  ec0f5f776caa0b519380a7bc8e031afd9689fa5c
- SHA256
  
  052bdad2d16c17e38da8a94a830c9a1696dc09c168ba9cb1c6416d38e05e41a3
- SHA512
  
  583ad8f7a00cee8a9979e5f43423d39948103d2b136231defa747939d7124279825430ce82d0d515bb24da045dfb52197f3daf780505e68bf94eb9545eea0390
- SSDEEP
  
  6144:r9+DhkJD3e/Icl4yjThipmMH/gysNkvC8vA+XTv7FYUwMOFusQ+kJ3StWDKcGVol:cIsFv4pnsKvNA+XTvZHWuEo3oW2to
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2