814fad66a7f31778879f5e2dc3bba611551a34147468375104385fad3a1ba5ae | Triage

Sharing

General

Target

814fad66a7f31778879f5e2dc3bba611551a34147468375104385fad3a1ba5ae_NeikiAnalytics.exe
Size

176KB
Sample

240627-m7475sxhnf
MD5

1430ac5dc3de9c41c0af13993e1ffbc0
SHA1

99816defdd3c4cf64aa83d89d0dfee8d1236c37e
SHA256

814fad66a7f31778879f5e2dc3bba611551a34147468375104385fad3a1ba5ae
SHA512

bbb485b7d1e21e3a78a0271e2b914cf8300a2b998110136f5c414f2018deb42a1fe1c4dd5c1a49548f0fc041ef4a88d144995dd0fb5e36031eb42c8e9b6f0c1c
SSDEEP

3072:POrrWGTNzLhrFrfnj6+JB8M6m9jqLsFmsdYXmLlcJVIZen+Vcv2JBwwRBkBnRePB:GnWGTBhrFrfnj6MB8MhjwszeXmr8Sj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  814fad66a7f31778879f5e2dc3bba611551a34147468375104385fad3a1ba5ae_NeikiAnalytics.exe
- Size
  
  176KB
- MD5
  
  1430ac5dc3de9c41c0af13993e1ffbc0
- SHA1
  
  99816defdd3c4cf64aa83d89d0dfee8d1236c37e
- SHA256
  
  814fad66a7f31778879f5e2dc3bba611551a34147468375104385fad3a1ba5ae
- SHA512
  
  bbb485b7d1e21e3a78a0271e2b914cf8300a2b998110136f5c414f2018deb42a1fe1c4dd5c1a49548f0fc041ef4a88d144995dd0fb5e36031eb42c8e9b6f0c1c
- SSDEEP
  
  3072:POrrWGTNzLhrFrfnj6+JB8M6m9jqLsFmsdYXmLlcJVIZen+Vcv2JBwwRBkBnRePB:GnWGTBhrFrfnj6MB8MhjwszeXmr8Sj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2