0cf5a9e0976f3488cd91075bd9d71102c7b1c30e52a22558dfdfe97d4298b480 | Triage

Sharing

General

Target

0cf5a9e0976f3488cd91075bd9d71102c7b1c30e52a22558dfdfe97d4298b480_NeikiAnalytics.exe
Size

136KB
Sample

240625-zmy7lssdjg
MD5

5089374ca37bfbcee12c2484490d94f0
SHA1

69eb2f2f297eafa0dccf86eac08fedaec4633732
SHA256

0cf5a9e0976f3488cd91075bd9d71102c7b1c30e52a22558dfdfe97d4298b480
SHA512

8f9cc0f6fb1f041ef910e9bc7dca4f38dbfc145c430e04f455760c3ecdc760a8ddde527e8240835734e4460109074c9ee5078bc85a6ba4f9e29b13e71429d4ad
SSDEEP

3072:T8ai86hn9TZw/7TwYRyRsohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:T8ai8Mn9TkhyRsohxd2Quohdbd0zscj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0cf5a9e0976f3488cd91075bd9d71102c7b1c30e52a22558dfdfe97d4298b480_NeikiAnalytics.exe
- Size
  
  136KB
- MD5
  
  5089374ca37bfbcee12c2484490d94f0
- SHA1
  
  69eb2f2f297eafa0dccf86eac08fedaec4633732
- SHA256
  
  0cf5a9e0976f3488cd91075bd9d71102c7b1c30e52a22558dfdfe97d4298b480
- SHA512
  
  8f9cc0f6fb1f041ef910e9bc7dca4f38dbfc145c430e04f455760c3ecdc760a8ddde527e8240835734e4460109074c9ee5078bc85a6ba4f9e29b13e71429d4ad
- SSDEEP
  
  3072:T8ai86hn9TZw/7TwYRyRsohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:T8ai8Mn9TkhyRsohxd2Quohdbd0zscj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2