636bb8df47c0971c27053e99091ca843612d4aff637845fc32d306e2cab2cc54 | Triage

Sharing

General

Target

636bb8df47c0971c27053e99091ca843612d4aff637845fc32d306e2cab2cc54_NeikiAnalytics.exe
Size

165KB
Sample

240627-h6n3baycjf
MD5

b1452a43b7c1b436d9777e2b4e6ac8e0
SHA1

f5bf30f666886aba541b6427609e6c220292d13b
SHA256

636bb8df47c0971c27053e99091ca843612d4aff637845fc32d306e2cab2cc54
SHA512

ae8fd660c5b3046344aec1997d828cc9ed03663d04b18c3ac5a1d9827f6927a180477ae26b3b5ba229f95dfac20a5d6a42aa34180fe375191e3f6d3807052565
SSDEEP

3072:YYXt4SNWJVfg/PQcIT3vQfEdArGzHq+egM5bylnO/hZP:YmD/1IbQMdArGzHregqgnO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  636bb8df47c0971c27053e99091ca843612d4aff637845fc32d306e2cab2cc54_NeikiAnalytics.exe
- Size
  
  165KB
- MD5
  
  b1452a43b7c1b436d9777e2b4e6ac8e0
- SHA1
  
  f5bf30f666886aba541b6427609e6c220292d13b
- SHA256
  
  636bb8df47c0971c27053e99091ca843612d4aff637845fc32d306e2cab2cc54
- SHA512
  
  ae8fd660c5b3046344aec1997d828cc9ed03663d04b18c3ac5a1d9827f6927a180477ae26b3b5ba229f95dfac20a5d6a42aa34180fe375191e3f6d3807052565
- SSDEEP
  
  3072:YYXt4SNWJVfg/PQcIT3vQfEdArGzHq+egM5bylnO/hZP:YmD/1IbQMdArGzHregqgnO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2